
XSS Is Still Tricky


This works in Safari, Firefox, Chrome, and Opera:

<!DOCTYPE html>
<head>
<title>Oh no!</title>
<script type="text/javascript">
    var xss = "</script><script>alert('XSS');</script>";
</script>
</head>
<body>
<p>And you thought parsers were smart.</p>
</body>
</html>
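
The HTML parser finds the end of the script element before the JavaScript engine ever sees the string literal, so the quotes around the value offer no protection. The sketch below is an added example, not code from the original article: it models that behaviour in simplified form and shows one common mitigation for values embedded in an inline script, which is to write `<`, `>` and `&` as `\uXXXX` escapes. The function names are hypothetical.

```javascript
// Added example; function names are hypothetical. The parser model is
// simplified: it ignores the "<!--" script-data escape states.

// Where the HTML parser ends an inline script: at the first "</script"
// followed by whitespace, "/" or ">", regardless of JavaScript quoting.
function scriptBodyAsSeenByHtmlParser(html) {
  const open = html.indexOf("<script>");
  if (open === -1) return null;
  const rest = html.slice(open + "<script>".length);
  const end = /<\/script[\s/>]/i.exec(rest);
  return end ? rest.slice(0, end.index) : rest;
}

// Naive: JSON.stringify escapes quotes and backslashes but leaves "<" alone,
// so the value can still close the script element.
function embedNaive(value) {
  return "<script>var xss = " + JSON.stringify(value) + ";</script>";
}

// Hardened: the same JSON literal, with characters that matter to the HTML
// parser (and the U+2028/U+2029 line separators) written as \uXXXX escapes.
// JavaScript decodes them back to the original characters inside the string.
function embedSafe(value) {
  const literal = JSON.stringify(value).replace(
    /[<>&\u2028\u2029]/g,
    (c) => "\\u" + c.charCodeAt(0).toString(16).padStart(4, "0")
  );
  return "<script>var xss = " + literal + ";</script>";
}

// The string from the page above.
const untrusted = "</script><script>alert('XSS');</script>";

// Naive embedding: the script body is cut off inside the string literal.
console.log(JSON.stringify(scriptBodyAsSeenByHtmlParser(embedNaive(untrusted))));
// Hardened embedding: the whole assignment stays inside one script element.
console.log(scriptBodyAsSeenByHtmlParser(embedSafe(untrusted)));
```
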





Published at DZone with permission of Chris Shiflett, DZone MVB.

Opinions expressed by DZone contributors are their own.
