Abstract / Excerpt:
Websites nowadays are more complex, containing a lot of dynamic content making the experience for the user more enjoyable. This dynamic content is achieved through the use of web applications which can convey different output to a user. Dynamic websites suffer from a threat called Cross-Site Scripting (also known as XSS) attack. There were number of studies which focus on creating a tool in detecting this XSS attack and some by avoiding such attack.
In this paper, the proponents discussed the development of XSS prevention that is integrated in the Firefox browser through an extension. The web page which is requested by the user is being processed through parsing algorithm first. The page then is checked against XSS attack strings. Pages that are vulnerable to XSS attacks are being marked. The marked outputs were returned to the user to prevent unintended execution of the script and a notification will be sent. The said outputs will be encoded which is then redirected to a safe page. The approach developed by the proponents which was named XSStopper, runs at varied time and evaluates one page at a time.
Info
| Source Institution | Ateneo de Davao University |
| Unit | Computer Studies |
| Authors | Clenista, Allysa Mariel T., Rosauro, Chrestine Joy V. |
| Page Count | 10 |
| Place of Publication | Davao City |
| Original Publication Date | September 1, 2010 |
| Tags | Cross-Site Scripting (XSS), Prevention |
Preview
Download the PDF file .