Cross Site Scripting (XSS) Attack

How Prevents HTML DOM Based Cross Site Scripting (XSS) Attacks?

What Is Cross Site Scripting (XSS) Attack?

The Cross Site Scripting (XSS) attack is a type of injection and attackers inject your web applications using the client side scripts and malicious code into web pages.

An attacker can insert vulnerability scripts and malicious code in your web applications.

The Cross Site Scripting (XSS) attacks are common on web browsers and it carried out on websites around 84% (approximately).

How Prevents HTML DOM Based XSS attacks?
<script type="text/javascript">
  let escapeHTML = function(unsafe_str) {
    return unsafe_str
        .replace(/&/g, '&amp;')
        .replace(/</g, '&lt;')
        .replace(/>/g, '&gt;')
        .replace(/\"/g, '&quot;')
        .replace(/\'/g, '&#39;')
        .replace(/\//g, '&#x2F;')

//Bind HTML - DOM
element.innerHTML = escapeHTML(iputData);


I hope you are enjoying with this post! Please share with you friends. Thank you so much!

Anil Singh is an author, tech blogger, and software programmer. Book writing, tech blogging is something do extra and Anil love doing it. For more detail, kindly refer to this link..

My Tech Blog -
My Books - Book 1 and Book 2 Powered by Blogger.