XSS formal description
Types – at least two primary flavors
• Non-persistent (or reflected)
• Persistent (or stored)
Typical impact
• Steal user's session (session hijacking)
• Rewrite the web page
• Redirect the user to a phishing or malware site
• Most severe: install an XSS proxy
Prevention of XSS Attack – part 1
• Input validation
 • Canonicalize data first (decode before you validate)
 • Prevent encoded attacks
 • Black-list testing is no solution
 • Black lists are never complete!
 • White-list testing is better
 • Only what you expect will pass
 • Regular expressions
• HTML encoding
 • HTML-encode all untrusted data when it is written into output pages
Prevention of XSS Attack – multiple contexts
Browsers have multiple contexts that must be considered, each with its own encoding rules!
• HTML body context
• HTML attribute context
• <STYLE> context
• <SCRIPT> context
• URL context
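The two slides above describe the procedure: canonicalize, white-list, then encode for the context the data lands in. The following is an added example, not code from the slide deck, showing that procedure in JavaScript (it is the language the browser contexts themselves use). Function names, the username rule and the sample payloads are assumptions made for this illustration. It goes slightly beyond the slides in that the URL helper also white-lists the scheme, since a percent-encoded `javascript:` URL is still a `javascript:` URL.

```javascript
// Added example (not from the slide deck): canonicalize-then-whitelist
// input validation and context-specific output encoding for the HTML body,
// HTML attribute, <script> and URL contexts. Names and inputs are assumed.

// Step 1: canonicalize. Decode percent-encoding repeatedly (bounded), so a
// double-encoded payload such as %253C cannot slip past the validator, and
// apply Unicode NFC so composed/decomposed forms collapse to one spelling.
function canonicalize(input) {
  let s = String(input);
  for (let i = 0; i < 3; i++) {
    let decoded;
    try {
      decoded = decodeURIComponent(s);
    } catch (e) {
      break; // malformed %-sequence: stop decoding, the validator will reject it
    }
    if (decoded === s) break;
    s = decoded;
  }
  return s.normalize('NFC');
}

// Step 2: white-list validation. Only what we expect passes: a username is
// 3-32 ASCII letters, digits, dot, underscore or hyphen. No black list.
const USERNAME_RE = /^[A-Za-z0-9._-]{3,32}$/;
function validateUsername(raw) {
  const value = canonicalize(raw);
  return USERNAME_RE.test(value) ? value : null;
}

// Step 3: output encoding, chosen by the context the value lands in.
// HTML body: escape every character that can open a tag, close a quoted
// attribute or start an entity.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;', '/': '&#x2F;' };
function encodeForHTML(s) {
  return String(s).replace(/[&<>"'/]/g, (c) => HTML_ESCAPES[c]);
}

// HTML attribute: always quote the attribute AND encode. An unquoted
// attribute can be broken out of with a space, so everything that is not
// alphanumeric becomes a numeric entity.
function encodeForHTMLAttribute(s) {
  return String(s).replace(/[^A-Za-z0-9]/gu, (c) => `&#x${c.codePointAt(0).toString(16)};`);
}

// <script> context: the value goes inside a quoted JS string literal.
// \xHH / \uHHHH escaping makes it impossible to close the quote or to write
// "</script>", which the HTML parser honours before the JS parser runs.
function encodeForJavaScript(s) {
  return String(s).replace(/[^A-Za-z0-9]/g, (c) => {
    const cp = c.codePointAt(0);
    return cp < 0x100
      ? `\\x${cp.toString(16).padStart(2, '0')}`
      : `\\u${cp.toString(16).padStart(4, '0')}`;
  });
}

// URL context, query parameter value: percent-encode.
function encodeForURLParam(s) {
  return encodeURIComponent(String(s));
}

// URL context, whole href: white-list the scheme first (the URL parser
// trims leading whitespace and lower-cases the scheme, so obfuscated
// javascript: forms are caught). The returned string still needs
// encodeForHTMLAttribute() when placed into href="...".
function safeHref(untrustedUrl) {
  const s = String(untrustedUrl);
  let u;
  try {
    u = new URL(s, 'https://example.invalid/'); // base only so relative links parse
  } catch (e) {
    return null;
  }
  return u.protocol === 'http:' || u.protocol === 'https:' ? s : null;
}

// Putting it together: one value, three different encodings for three sinks.
function renderProfile(rawName, rawSite) {
  const name = validateUsername(rawName);
  if (name === null) return null; // reject, do not "clean up"
  const href = safeHref(rawSite);
  const link = href === null ? '' : `<a href="${encodeForHTMLAttribute(href)}">site</a>`;
  return `<p>${encodeForHTML(name)}</p>${link}` +
    `<script>var user = '${encodeForJavaScript(name)}';</script>`;
}
```

The point of the last function is that the same validated value is encoded three times, once per sink; a single "sanitize on input" pass cannot know which of those it will need.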
Prevention of XSS Attack – session hijacking
• Session hijacking
 • "HttpOnly" cookies: not readable from script via document.cookie
 • "secure" cookies: only sent over SSL/TLS
 • Disable TRACE: a TRACE response echoes the request headers, cookies included, back to the caller
• References:
 • http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
 • http://ha.ckers.org/xss.html
 • http://www.owasp.org/index.php/ESAPI