
Possible Duplicate:
Sanitize/Rewrite HTML on the Client Side

I am working on an HTML5 and jQuery website that parses data from JSON files.

I have a doubt about how to prevent XSS flaws in this project and what I should do to optimize the HTML5 and JavaScript so that they don't have any issues with XSS.

Ben

1 Answer


XSS is a flaw that occurs only on sites that dynamically generate pages. Websites with static pages are not vulnerable to XSS.

XSS flaws are of three types.

  • Persistent - User input consists of malicious software code that gets stored in the web application and gets rendered thereafter in every request that reads it along with that piece of data.
  • Non-Persistent - User input consists of malicious code that gets returned in the server's response to the request; it doesn't get stored in the web app, so it is specific to that request.
  • DOM-based - This does not involve the web server; it is local to the web browser. I think this is what you are looking for.

Check out this link for a good explanation of XSS. To avoid XSS you must perform input validations.

Majoris
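
Added example (not part of the original question or answer): for the DOM-based case mentioned above, a sketch of encoding untrusted JSON fields before they are inserted into the page as markup, for instance through jQuery's `.html()`. The helper names, the record fields and the sample feed are constructed for illustration.

```javascript
// Characters that can break out of an HTML text node or a quoted attribute.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value for an HTML text node or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Allow only http(s) and mailto links; any other scheme, or an unparsable URL, becomes '#'.
// The URL parser normalizes case and embedded tabs/newlines the way a browser does.
function safeHref(value) {
  const raw = String(value).trim();
  let url;
  try {
    url = new URL(raw, 'https://example.invalid/'); // base lets relative paths parse
  } catch (e) {
    return '#';
  }
  return ['http:', 'https:', 'mailto:'].includes(url.protocol) ? raw : '#';
}

// Build markup for one record; every JSON field is encoded for its context.
function renderComment(record) {
  return '<li class="comment">' +
    '<a href="' + escapeHtml(safeHref(record.homepage)) + '">' +
    escapeHtml(record.author) + '</a>: ' +
    escapeHtml(record.text) + '</li>';
}

// Parse the JSON text and render every record; reject anything that is not an array.
function renderFeed(jsonText) {
  const records = JSON.parse(jsonText);
  if (!Array.isArray(records)) throw new TypeError('expected a JSON array');
  return records.map(renderComment).join('');
}

// Constructed sample feed: one ordinary record, one carrying markup and a script URL.
const SAMPLE_FEED = JSON.stringify([
  { author: 'alice', homepage: 'https://example.org/~alice', text: 'a < b && c' },
  { author: '<img src=x onerror=alert(1)>', homepage: 'javascript:alert(1)',
    text: '"><script>alert(2)</script>' },
]);

console.log(renderFeed(SAMPLE_FEED));
```

In the browser, setting these values with jQuery's `.text()` and `.attr()` instead of building a markup string removes the need for the HTML-encoding step; the scheme allowlist for `href` is still needed.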