Server Help

Trash Talk - Preventing XSS attacks?
Quan Chi2 - Sat Oct 14, 2006 4:18 pm
Post subject: Preventing XSS attacks?
I know that one of the best ways to prevent XSS attacks is to limit user input, but its I really want to know some other ways if there are any. I'm used to remote file inclusion vulnerabilities, and I know how they work for the most part, but are there techniques for looking through my files to make sure they aren't vulnerable without missing anything? What techniques do you use?
Solo Ace - Sat Oct 14, 2006 5:24 pm
Post subject:
'We' don't use a technique, 'we' just know the language 'we' write.
Quan Chi2 - Sat Oct 14, 2006 7:22 pm
Post subject:
Well you must have some system you use to go through the files to check for vulnerabilities. :S
Cerium - Sun Oct 15, 2006 5:56 am
Post subject:
In your case: Let someone else code it.



Seriously though, it's just making sure the user has little to no control over the values of important variables (IE: those used in queries or to specify files).



Also, MGB:
When I try to post using the quick reply option, I get a "You must enter a message when posting" error.
Did you take away my ability to use the quick reply?
Doc Flabby - Sun Oct 15, 2006 7:02 am
Post subject:
or do what i do wait untill someone breaks it biggrin.gif
The Apache - Sun Oct 15, 2006 9:35 am
Post subject:
Cerium wrote:
Also, MGB:
When I try to post using the quick reply option, I get a "You must enter a message when posting" error.
Did you take away my ability to use the quick reply?


hmmm, well, i didn't get an error - so yeah, it must be only you.
Solo Ace - Sun Oct 15, 2006 2:48 pm
Post subject:
Cerium, uhm, maybe your javascript's disabled or messed up/'secured'? tongue.gif
Cerium - Sun Oct 15, 2006 4:03 pm
Post subject:
Yup... I installed NoScript recently and I keep forgetting to allow sites I visit.

Didn't even think about it until you guys mentioned it.
All times are -5 GMT
View topic
Powered by phpBB 2.0 .0.11 © 2001 phpBB Group