Chapter

Cross-site Scripting Fundamentals


Abstract

This chapter deals with cross-site scripting (XSS), an attack vector that can be used to steal sensitive information, hijack user sessions, and compromise the integrity of the browser and the underlying system. XSS vulnerabilities have existed since the early days of the Web. In 1999, inspired by the work of Georgi Guninski, David Ross published the first paper on XSS flaws, entitled “Script Injection.” In 2005, the first XSS worm, known as Samy, attacked the popular social networking Web site MySpace. Today, XSS flaws represent the biggest threat to e-commerce, a billions-of-dollars-a-day industry. This chapter further discusses AJAX, a technology that powers interactive Web applications with improved user experience, greater usability, and increased processing speed. The core component of AJAX is the XMLHttpRequest object, which gives the browser-side script greater control over the request it initiates and the response it receives. DOM is a W3C standard that defines how to represent XML tree structures. It is important to understand the basics of XML and AJAX, as they are becoming an integral part of the Internet. It is also important to understand the impact these technologies will have on traditional Web application security testing.


... Reflected XSS (aka Non-Persistent or Type 1 or First-Order) [32,34,35] occurs when a vulnerable Web application accepts malicious code as part of an HTTP request and immediately, without doing any sanitization, includes it as part of the HTTP response. ...
... Stored XSS (aka Persistent or Type 2 or Second-Order) [32,34,35] occurs when a vulnerable Web application accepts malicious code, stores it and later distributes it in response to a separate HTTP request. In contrast to reflected XSS, in Type 2 XSS the attack payload, rather than being immediately reflected to the user, is stored (in a database or in the file system) and displayed to end-users in a Web page later. ...
... (2) Persistent attacks store malicious script code directly in a host website's file system, database, etc., which executes every time a client accesses and runs the HTML code [Saha 2009]. If the attacker inserts code into the hosting web site's security context, it can also gain permission to read, transmit, or change data in the web site's database [Auger 2011]. (3) DOM-based attacks append malicious script-containing fragments onto URLs or any input field displayed to the user [Saha 2009]. ...
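The snippets above describe reflected and stored XSS as the same underlying defect on two different paths: attacker-controlled text reaches the HTML response without encoding, either straight from the request or later from storage. The following is an added example, not code from the chapter or from the citing papers, that makes that point concrete with hypothetical render functions for each path. It shows a minimal HTML-body encoder and a check that the same constructed sample payload is emitted as inert text on both the reflected and the stored path once encoding is applied at output time, regardless of what was (or was not) sanitized at input or storage time.

```javascript
// Added example (hypothetical rendering functions, not from the cited papers).
// Encoding is applied where untrusted text is written into HTML, which is the
// single control point shared by the reflected and the stored variants.

const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// Escape text for insertion into an HTML element body or a quoted attribute.
// This is HTML-context encoding only; JavaScript, URL and CSS contexts each
// need their own encoder.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Constructed sample standing in for attacker-controlled input.
const SAMPLE_PAYLOAD = '<script>x()</script>';

// Reflected path: a request parameter is echoed straight into the response.
function renderSearchVulnerable(query) {
  return `<p>Results for: ${query}</p>`;            // raw concatenation
}
function renderSearchSafe(query) {
  return `<p>Results for: ${escapeHtml(query)}</p>`; // encoded at output
}

// Stored path: an in-memory array stands in for the database or file system.
const commentStore = [];
function storeComment(text) {
  commentStore.push(text);                           // stored as submitted
}
function renderCommentsVulnerable() {
  return commentStore.map((c) => `<li>${c}</li>`).join('');
}
function renderCommentsSafe() {
  return commentStore.map((c) => `<li>${escapeHtml(c)}</li>`).join('');
}

// Heuristic check used by the demo: does the markup still contain a live
// script tag? After encoding, '<' becomes '&lt;' and the pattern no longer matches.
function containsRawScriptTag(html) {
  return /<script\b/i.test(html);
}

// Run the sample payload through both paths, with and without output encoding.
function demo() {
  storeComment(SAMPLE_PAYLOAD);
  return {
    reflectedVulnerable: containsRawScriptTag(renderSearchVulnerable(SAMPLE_PAYLOAD)),
    reflectedSafe: containsRawScriptTag(renderSearchSafe(SAMPLE_PAYLOAD)),
    storedVulnerable: containsRawScriptTag(renderCommentsVulnerable()),
    storedSafe: containsRawScriptTag(renderCommentsSafe()),
  };
}

console.log(demo());
```

The `*Vulnerable` functions reproduce the defect the citing papers describe; the `*Safe` functions differ only in calling `escapeHtml` at the point of output. Because the stored path encodes on read rather than on write, data already sitting in the store is rendered safely too, which is why output encoding rather than input filtering is the primary control for both variants.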
Conference Paper
This paper presents principles of Defensive Programming and examines the growing concern that these principles are not effectively incorporated into Computer Science and related computing degree programs' curricula. To support this concern, Defensive Programming principles are applied to a case study - Cross-site Scripting cybersecurity attacks. This paper concludes that Defensive Programming plays an important role in preventing these attacks and should thus be more aggressively integrated into CS courses such as Programming, Algorithms, Databases, Computer Architecture and Organization, and Computer Networks.
... The Messaging API [68] is not examined in detail, but used as part of Web Workers and Server-Sent Events. It also provides methods for passing text strings between domains (which has traditionally not been allowed, to prevent Cross Site Scripting [69] attacks). ...
... To protect a client-side from malicious JavaScript code, browsers use a sand-boxing mechanism that limits the script to only access resources associated with its origin site. Unfortunately, JavaScript security mechanisms may be confined by the sand-boxing mechanisms and conform to the same-origin policy, but still violate the security of the system, when a user is lured into downloading malicious JavaScript code (previously created by an attacker) from a trusted website – an exploitation technique that is often called a Cross-site Scripting (XSS) attack (Robert, 2010). The XSS attack is currently number two in the 2010 OWASP Top Ten vulnerabilities (http://www.owasp.org/index.php/OWASP_Top_Ten_Proj ...
Article
The use of web applications has become an integral part of every aspect of human life. However, vulnerabilities within these systems have been (and will continue to be) a major concern in web application security. Amongst them, Cross Site Scripting (XSS) is a prevailing vulnerability, since it is generally easy to execute, but difficult to detect and prevent. There are three categories of XSS attacks – DOM-based, stored and reflected attacks. Attackers commonly use reflected XSS as an initial attempt at hacking session tokens due to its simplicity among the three categories. This paper presents an evaluation of web-browser-related vulnerabilities and the countermeasures available to web developers and proposes a model for dynamically enhancing the reflected XSS protection mechanism.