Example 1
The basic cause of XSS vulnerabilities is this: in a web application, part of the displayed content changes according to input from the outside world. If, while the HTML is being generated, the characters that have special meaning in HTML syntax (meta-characters) are not handled properly, HTML or JavaScript is injected, the original HTML structure is changed, and the result is what we commonly call an XSS vulnerability.
Code Example 1:
The user input "name" is output without any processing, so JavaScript can be injected to attack, for example <script>alert(123)</script>
Defense Strategy:
htmlspecialchars function: escapes HTML.
Usage: string htmlspecialchars(string $string, int $quote_style, string $charset);
$string -- the string to convert
$quote_style -- how quotes are converted (ENT_NOQUOTES, ENT_COMPAT, ENT_QUOTES)
$charset -- character encoding, for example UTF-8 or GBK
<?php
// escape the user-supplied value before it is written into the page
echo htmlspecialchars($_GET["name"], ENT_COMPAT, "UTF-8");
?>
After modifying the source code and testing again, the input no longer pops up an alert; the payload is output on the page as plain text.
Example 2
preg_replace("/<script>/", "", $_name);
This code replaces the lowercase <script> tag with an empty string.
But a different letter case can be used to bypass it.
Defense Strategy: use the same htmlspecialchars function as the filter.
After modifying and testing again, the output is:
Example 3
Source:
Compared with Example 2, the regex /<script>/ has an extra lowercase i after the closing slash, which makes the match case-insensitive.
Changing the letter case no longer bypasses the filter.
But other forms of XSS can still attack, for example: <img src=1 onerror=alert(123)>
Defense Strategy:
Still use the htmlspecialchars function.
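To compare the three approaches side by side, here is an added PHP script (not code from the original page) that runs the Example 2 and Example 3 blacklist filters and htmlspecialchars() over constructed inputs, including the payloads shown above, and reports whether executable markup survives. The function names, the still_contains_markup() check and the use of ENT_QUOTES (stricter than the ENT_COMPAT used above) are my own assumptions.

```php
<?php
// Added example, not from the original page: run the two blacklist filters
// from Examples 2 and 3 and htmlspecialchars() over constructed inputs and
// report whether executable markup survives each one.

function filter_lowercase_only(string $name): string {
    // Example 2: only the exact lowercase tag is removed
    return preg_replace("/<script>/", "", $name);
}

function filter_case_insensitive(string $name): string {
    // Example 3: the trailing i makes the match case-insensitive
    return preg_replace("/<script>/i", "", $name);
}

function escape_output(string $name): string {
    // ENT_QUOTES (assumed here; the page uses ENT_COMPAT) also escapes
    // single quotes, so the value is safe inside '...' attributes too.
    return htmlspecialchars($name, ENT_QUOTES, "UTF-8");
}

// Heuristic check (own helper): an opening <script> tag or an on*= event
// handler inside a tag is still present in the string.
function still_contains_markup(string $s): bool {
    return (bool) preg_match('/<script\b|<[^>]*\bon[a-z]+\s*=/i', $s);
}

// Constructed test inputs, including the payloads shown on this page.
$inputs = [
    "alice",
    "<script>alert(123)</script>",
    "<SCRIPT>alert(123)</SCRIPT>",
    "<img src=1 onerror=alert(123)>",
];

$defenses = [
    "lowercase_only"   => "filter_lowercase_only",
    "case_insensitive" => "filter_case_insensitive",
    "htmlspecialchars" => "escape_output",
];

foreach ($inputs as $in) {
    foreach ($defenses as $label => $fn) {
        $out = $fn($in);
        printf("%-16s %-30s -> %-45s markup left: %s\n",
            $label, $in, $out, still_contains_markup($out) ? "yes" : "no");
    }
}
```

Both blacklist filters leave the uppercase tag or the onerror handler in place for at least one input, while the escaped output never does; the blacklist approach fails because it enumerates bad patterns instead of neutralising the meta-characters themselves.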