There are quite a few methods of avoiding XSS vulnerabilities, but the best method is HTML encoding. Most scripting languages support HTML encoding. In PHP, for example, you simply pass your string through the htmlentities() function, which converts it to its HTML-encoded values. In Perl, you would use this method of encoding:
use HTML::Entities ();                   # load the module without importing its functions
$a = "lolwtfhax";                        # string to be encoded
$encoded = HTML::Entities::encode($a);   # HTML-encoded copy of $a
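The following is an added example, not code from the original post: it puts the same HTML::Entities::encode call to work on a page fragment, with the unencoded version beside it for comparison. The %comment data is constructed sample input, and the function names render_unsafe and render_encoded are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use HTML::Entities ();

# Constructed sample input: an author name and comment body as they might
# arrive from a form. Both contain HTML metacharacters.
my %comment = (
    author => q{Bob" onmouseover="alert(1)},
    body   => q{<script>alert(1)</script> & thanks for the post},
);

# Unsafe: user data is interpolated into the markup as-is, so the browser
# parses it as tags and attributes instead of as text.
sub render_unsafe {
    my ($c) = @_;
    return qq{<div class="comment" title="$c->{author}">$c->{body}</div>};
}

# Safe: every user-controlled value is entity-encoded at output time.
# The default character set of HTML::Entities::encode covers < > & " and ',
# so the same call works for element content and quoted attribute values.
sub render_encoded {
    my ($c) = @_;
    my $author = HTML::Entities::encode($c->{author});
    my $body   = HTML::Entities::encode($c->{body});
    return qq{<div class="comment" title="$author">$body</div>};
}

print "unsafe:  ", render_unsafe(\%comment),  "\n";
print "encoded: ", render_encoded(\%comment), "\n";
```

Entity encoding protects values placed in element content and in quoted attribute values; data written into a script block or a URL needs the encoding for that context instead.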