Re: Preventing Cross Site Scripting Vulnerbilities

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Michael B Allen wrote:

Can someone recommend a general method for avoiding / eliminating XSS
vulnerbilities with PHP?


Yeah, escape output. It's really that simple.
Curt Zirzow made a nice post related to this topic yesterday., and here's a simple example: 

http://phpsecurity.org/code/ch01-4

Hope that helps!

Chris

--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux