#1 Security threats — XSS

Intro

Cross Site Scripting — XSS

Impact of XSS

Types of XSS

Non-persistent XSS
Stored XSS

1. User Input
👉 Treat all input as a threat and validate it.
👉 Escape all characters that are special in HTML.
2. Validate and Sanitize the data
3. Encode HTML output
4. Use the Right response headers
5. Use Content Security Policy (CSP)
(Please check here to learn more about CSP.)
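The five steps above combined in one response path, as an added example that is not code from the original article. The function names, the display-name rule, the specific header values and the sample comment are assumptions chosen for illustration.

```javascript
// Added example: all names, rules and header values below are illustrative assumptions.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Steps 1 and 3: encode the characters that are special in HTML text
// and in quoted attribute values before they reach the page.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Step 2: validate against what the field may contain (allow-list),
// instead of trying to enumerate bad input.
function validateDisplayName(name) {
  return typeof name === "string" && /^[\p{L}\p{N} _.-]{1,40}$/u.test(name);
}

// Steps 4 and 5: declare the content type and charset explicitly, disable
// MIME sniffing, and restrict script sources with a CSP (no inline script).
function securityHeaders() {
  return {
    "Content-Type": "text/html; charset=utf-8",
    "X-Content-Type-Options": "nosniff",
    "Content-Security-Policy":
      "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'",
  };
}

// Builds the response for one user comment: reject invalid names,
// encode everything that is interpolated into markup.
function renderComment(name, comment) {
  if (!validateDisplayName(name)) {
    return { status: 400, headers: securityHeaders(), body: "<p>Invalid name</p>" };
  }
  const safeName = escapeHtml(name);
  const body =
    `<article><h2 title="${safeName}">${safeName}</h2>` +
    `<p>${escapeHtml(comment)}</p></article>`;
  return { status: 200, headers: securityHeaders(), body };
}

// Constructed sample input: markup that must be displayed as text, not parsed.
const SAMPLE_COMMENT = `<img src=x onerror="alert(1)"> & 'hi'`;

const demo = renderComment("Ana_99", SAMPLE_COMMENT);
console.log(demo.status, demo.body);
```

`escapeHtml` covers HTML text and quoted attribute values only; data placed inside `<script>` blocks, URLs or CSS needs the encoding for that context.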
