O'Reilly logo

ASP.NET MVC 4 Mobile App Development by Andy Meadows

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Cross-Site Scripting (XSS)

Cross-Site Scripting is an attack that can occur when a user injects client-side script into a page in an attempt to gather information or infect the computers of other users. Specific things that can occur as a result of an XSS attack are the forcible download of viruses and bots, theft of cookies containing identifying information and/or login credentials of a user, or the ability to modify the content of a site.

XSS attacks usually occur when a user is allowed to submit HTML content to a site as part of a form submission.

Assume that we wanted to let users submit formatted HTML to our app in the GrainBill and Instruction fields of our recipe creation and editing views. Without careful implementation on our part, it ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required