xss

[Ninjakreborn]

I have done a lot of checking around about something called xss, where a malicious user tries to gain access to a database, by malicious means, but I have found nothing on how you can best prevent this, does anyone know, or has someone had an experience with a malicious attacker, using xss, and found a way around it or learnt from it.

[poirot]

XSS means "Cross Server Scripting", it's when the attacker manages to inject code in a script; a user that views the page will execute the script, which may be used to steal cookies or whatever.

[Ninjakreborn]

so I shoudl then learn xss, and start utlilizing it for the purposes, of preventing people from doing it, the best way to attack an enemy is to know them, so wouldn't I need to know there style in order to help prevent against it.

[kenrbnsn]

xss is not something you want to learn, but you want to learn how to protect against. These days, security needs to be designed into a script from step 1, not put in as an after thought. A good place to start is at the [a href=\"http://phpsec.org/\" target=\"_blank\"]PHP Security Consortium[/a]. Some of the articles found there might be over your head now, but reading them will get you started.

Ken

[Ninjakreborn]

thanks.