In this book you can learn about the diferent forms of the use XSS
Contain:
- XSS Street-Fight
• Input Validation
− Whitelist Filtering
− Blacklist Filtering
− Generic Attack Payload Detection
• Identify Output Handling Flaws
− Missing output escaping of user-supplied content
• Application Response Profiling
− Track the # of scripts/iframes in pages
• Defensive JS Injection
− JS Sandbox
LINK:
Contain:
- XSS Street-Fight
• Input Validation
− Whitelist Filtering
− Blacklist Filtering
− Generic Attack Payload Detection
• Identify Output Handling Flaws
− Missing output escaping of user-supplied content
• Application Response Profiling
− Track the # of scripts/iframes in pages
• Defensive JS Injection
− JS Sandbox
LINK:
