Posts

Showing posts from December, 2009

XSS vulnerability

Cross-site scripting (XSS) is a type of computer security vulnerability, typically found in web applications, that enables attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same-origin policy.

One common way to address it is to ensure that parameters and user input are sanitized by doing the following:

1. Remove < input and replace with &lt;
2. Remove > input and replace with &gt;
3. Remove ' input and replace with &#39;
4. Remove " input and replace with &quot;
5. Remove ) input and replace with &#41;
6. Remove ( input and replace with &#40;
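The replacements listed above, written as a single-pass encoder next to a sequential version that double-encodes; this is an added example, not code from the original post. It assumes the value is placed in an HTML body or a quoted attribute, and the `&` mapping and the names `escapeHtml`, `naiveEscape` and `renderComment` are introduced here for illustration.

```javascript
// Added example (not from the original post).
// The six characters from the list above, plus "&" (an addition made here so
// that text which already contains entity-like sequences is shown literally).
const ENTITIES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  "'": '&#39;',
  '"': '&quot;',
  '(': '&#40;',
  ')': '&#41;',
};

// Single pass: every source character is mapped exactly once, so the "&"
// inside an entity produced by this function is never encoded a second time.
function escapeHtml(value) {
  return String(value).replace(/[&<>'"()]/g, (ch) => ENTITIES[ch]);
}

// Pitfall: chained replaces with "&" handled last re-encode the entities
// created by the earlier steps, so the page shows "&lt;" instead of "<".
function naiveEscape(value) {
  return String(value)
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/&/g, '&amp;');
}

// Hypothetical template helper: encode at the point of output, once.
// Valid only for HTML body text and quoted attribute values; values placed
// inside <script> blocks or URLs need an encoder for that context instead.
function renderComment(author, text) {
  return '<div class="comment" title="' + escapeHtml(author) + '">' +
    escapeHtml(text) + '</div>';
}

// Constructed sample inputs.
const SAMPLE_AUTHOR = '" onmouseover="x';
const SAMPLE_TEXT = '<script>alert(1)</script>';

console.log(renderComment(SAMPLE_AUTHOR, SAMPLE_TEXT));
console.log(naiveEscape('<b>'));
```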

How to send JSON object using JQUERY to PHP?

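After struggling for hours and googling more, I finally succeeded in communicating over a JSON object. I will share the code:

JS side:

    // obj is the JavaScript object to send
    var datastring = JSON.stringify(obj);
    $.post('getmessage.php', {data: datastring}, function (res) {
        alert("HIIII" + res);
    }, "text");

PHP side:

    <?php
    // Send the reply as plain text so the echoed value is not rendered as HTML.
    header('Content-Type: text/plain; charset=utf-8');
    // stripslashes() is only needed when magic_quotes_gpc is on (removed in PHP 5.4);
    // without magic quotes it corrupts backslash escapes inside the JSON.
    $data = json_decode(stripslashes($_REQUEST['data']), true);
    echo $data['page'];
    ?>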