blog.ironwasp.org
IronWASP - Open Source Advanced Web Security Testing Platform: July 2014
http://blog.ironwasp.org/2014_07_01_archive.html
IronWASP - Open Source Advanced Web Security Testing Platform. Tuesday, July 29, 2014. Contexts and Cross-site Scripting - a brief intro. Posted a question in the IronWASP. Facebook group asking about the different potential contexts related to XSS to better understand how context specific filtering is done. It would be hard to post the response in a comment so I am turning it in to a blog post instead. 1) Simple HTML Context. Some html tag user input. 2) HTML Attribute Name Context. In this context you ...
blog.ironwasp.org
IronWASP - Open Source Advanced Web Security Testing Platform: Contexts and Cross-site Scripting - a brief intro
http://blog.ironwasp.org/2014/07/contexts-and-cross-site-scripting-brief.html
IronWASP - Open Source Advanced Web Security Testing Platform. Tuesday, July 29, 2014. Contexts and Cross-site Scripting - a brief intro. Posted a question in the IronWASP. Facebook group asking about the different potential contexts related to XSS to better understand how context specific filtering is done. It would be hard to post the response in a comment so I am turning it in to a blog post instead. 1) Simple HTML Context. Some html tag user input. 2) HTML Attribute Name Context. In this context you ...