XSS Cleaning
Pascal Kriete:
He has a little text field at the bottom where you can test. He's obviously not doing it on purpose - but he is doing it. If I use an XSS cleaner I want it to be tested to exhaustion and beyond. That clearly wasn't done here. Although the unwanted comma stripping does save him from a few vectors that would otherwise go through. For regular expression testing, I've found this Firefox plugin quite useful.