BestHub
Sign in
Tag

XSS

1 views collected around this technical thread.

php中文网 Courses
php中文网 Courses
May 28, 2025 · Information Security

Understanding XSS Attacks and Prevention Methods in PHP

Cross‑Site Scripting (XSS) is a common web security vulnerability where malicious scripts are injected into pages, and this article explains typical PHP XSS scenarios, demonstrates code examples, and outlines effective mitigation techniques such as htmlspecialchars(), HTML Purifier, proper headers, secure cookies, CSP, and best practices.

Content Security PolicyPHPWeb Security
0 likes · 5 min read
Understanding XSS Attacks and Prevention Methods in PHP
Code Mala Tang
Code Mala Tang
May 8, 2025 · Fundamentals

Why Python 3.14 Introduces T‑Strings: A Safer Alternative to f‑Strings

Python 3.14 adds the PEP 750 T‑string syntax to address security risks in existing string formatting methods like f‑strings, offering a template‑based approach that enables safer handling of user input, SQL queries, and HTML rendering.

PythonSQL injectionString Formatting
0 likes · 11 min read
Why Python 3.14 Introduces T‑Strings: A Safer Alternative to f‑Strings
Java Tech Enthusiast
Java Tech Enthusiast
Apr 27, 2025 · Frontend Development

Common Front-End Security Attacks, Principles, and Mitigations

The article outlines prevalent front‑end security threats such as XSS, SQL injection, CSRF, MITM, clickjacking, misconfiguration, and vulnerable dependencies, explains their underlying principles, and recommends practical mitigations including input validation, CSP, HTTPS/TLS, CSRF tokens, secure headers, regular audits, and dependency scanning.

CSRFClickjackingMITM
0 likes · 8 min read
Common Front-End Security Attacks, Principles, and Mitigations
Tencent Technical Engineering
Tencent Technical Engineering
Apr 10, 2025 · Information Security

AI-Generated Code Introduces XSS Vulnerabilities: A Case Study and Security Guidance

The Woodpecker team shows that AI‑generated code, exemplified by Simon Willison’s HTML slideshow tool, can embed unsanitized inputs that create exploitable XSS flaws, and they recommend zero‑trust AI prompts, rigorous input filtering, CSP, AI‑assisted scanning, and secure supply‑chain practices to mitigate such risks.

AI securityCSPSimon Willison
0 likes · 9 min read
AI-Generated Code Introduces XSS Vulnerabilities: A Case Study and Security Guidance
php中文网 Courses
php中文网 Courses
Mar 10, 2025 · Information Security

Security Protection Strategies and Vulnerability Mitigation for PHP Applications

This article examines essential security measures for PHP applications, covering protection against SQL injection, XSS, CSRF, unsafe file uploads, session fixation, weak passwords, error disclosure, and the importance of HTTPS, with practical code examples and configuration tips to build more resilient web services.

CSRFFile UploadHTTPS
0 likes · 8 min read
Security Protection Strategies and Vulnerability Mitigation for PHP Applications
Rare Earth Juejin Tech Community
Rare Earth Juejin Tech Community
Jan 1, 2025 · Information Security

Preventing XSS Attacks in Rich Text Editors: Concepts, Types, and Implementation

This article explains what XSS attacks are, describes the three main XSS types, and provides practical JavaScript functions for sanitizing and restoring rich‑text content to protect web applications from high‑risk cross‑site scripting vulnerabilities.

JavaScriptRich TextSanitization
0 likes · 7 min read
Preventing XSS Attacks in Rich Text Editors: Concepts, Types, and Implementation
Top Architect
Top Architect
Sep 13, 2024 · Backend Development

Defending Against XSS Attacks in Spring Boot Applications Using Annotations and Filters

This article explains how to protect Spring Boot web applications from Cross‑Site Scripting (XSS) attacks by introducing two main defense mechanisms—custom @XSS annotations and servlet filters—complete with implementation details, code examples, configuration steps, and testing results.

AnnotationFilterJava
0 likes · 22 min read
Defending Against XSS Attacks in Spring Boot Applications Using Annotations and Filters
Java Tech Enthusiast
Java Tech Enthusiast
Sep 1, 2024 · Information Security

XSS Defense in Spring Boot Applications

The article explains how to protect Spring Boot applications from XSS attacks by using custom annotations such as @XSS with an XssValidator and by implementing a request‑filter chain—including XssFilter and XssWrapper—to sanitize input, demonstrating through tests that both approaches reliably secure user data.

DefenseJavaSpring Boot
0 likes · 14 min read
XSS Defense in Spring Boot Applications
360 Smart Cloud
360 Smart Cloud
Jul 11, 2024 · Information Security

Web Security Fundamentals: Secure Coding, SQL Injection, XSS, and File Management

This article provides a comprehensive overview of web security, covering authentication, input validation, secure coding practices, SQL injection and XSS attack mechanisms, detection methods, defensive techniques, and best practices for secure file upload and download.

File UploadSQL injectionSecure Coding
0 likes · 15 min read
Web Security Fundamentals: Secure Coding, SQL Injection, XSS, and File Management
php中文网 Courses
php中文网 Courses
Dec 26, 2023 · Information Security

Preventing Cross-Site Scripting (XSS) in PHP Using Data Filtering

This article explains the principles of XSS attacks and demonstrates how to prevent them in PHP by using htmlspecialchars for output escaping, mysqli or PDO prepared statements for database queries, and the filter_var function with appropriate filters, providing clear code examples for each method.

Data FilteringPHPXSS
0 likes · 5 min read
Preventing Cross-Site Scripting (XSS) in PHP Using Data Filtering
php中文网 Courses
php中文网 Courses
Dec 15, 2023 · Backend Development

Using PHP htmlspecialchars() to Escape Special Characters

This article explains the PHP htmlspecialchars() function, its syntax and parameters, demonstrates how to escape special characters, quotes, and specify encoding or disable double‑encoding, and shows how it helps prevent XSS attacks in web applications.

PHPXSSbackend
0 likes · 4 min read
Using PHP htmlspecialchars() to Escape Special Characters
php中文网 Courses
php中文网 Courses
Dec 13, 2023 · Backend Development

Handling Cross-Origin Requests and Security Restrictions in PHP

This article explains how to use PHP functions such as header(), mysqli_real_escape_string(), and htmlspecialchars() to enable cross-origin resource sharing, handle preflight OPTIONS requests, and protect against SQL injection and XSS attacks, thereby improving web security and user experience.

CORSSQL injectionXSS
0 likes · 4 min read
Handling Cross-Origin Requests and Security Restrictions in PHP
php中文网 Courses
php中文网 Courses
Oct 25, 2023 · Information Security

Common Security Vulnerabilities in PHP Web Applications and How to Prevent Them

This article outlines the most frequent security flaws found in PHP web applications—including SQL injection, XSS, CSRF, insecure file uploads, remote code execution, weak password storage, and session hijacking—and provides practical mitigation techniques for each.

CSRFFile UploadPHP
0 likes · 6 min read
Common Security Vulnerabilities in PHP Web Applications and How to Prevent Them
Test Development Learning Exchange
Test Development Learning Exchange
Oct 16, 2023 · Information Security

Python Techniques for Data Protection and Privacy: Encryption, Hashing, SSL/TLS, and Common Security Measures

This article presents practical Python examples for enhancing network security, covering symmetric and asymmetric encryption, hash functions, password hashing, SSL/TLS communication, SQL injection prevention, XSS mitigation, CSRF protection, and secure password storage to safeguard data and privacy.

CSRFHashingPython
0 likes · 7 min read
Python Techniques for Data Protection and Privacy: Encryption, Hashing, SSL/TLS, and Common Security Measures
php中文网 Courses
php中文网 Courses
Oct 10, 2023 · Information Security

Common PHP Security Vulnerabilities and Mitigation Techniques

This article outlines prevalent PHP security issues such as SQL injection, cross‑site scripting, and session hijacking, and provides practical mitigation strategies with detailed code examples to help developers safeguard their applications against these attacks.

Code ExamplePHPSQL injection
0 likes · 4 min read
Common PHP Security Vulnerabilities and Mitigation Techniques
php中文网 Courses
php中文网 Courses
Oct 8, 2023 · Information Security

Common PHP Security Issues and Mitigation Techniques

This article outlines frequent PHP security vulnerabilities such as SQL injection, XSS, unsafe file uploads, and sensitive data exposure, and demonstrates how to mitigate them with prepared statements, input escaping, file validation, and secure configuration practices using concrete code examples.

File UploadSQL injectionSensitive Data
0 likes · 5 min read
Common PHP Security Issues and Mitigation Techniques
php中文网 Courses
php中文网 Courses
Sep 16, 2023 · Information Security

How to Use PHP htmlspecialchars() to Escape Special Characters and Prevent XSS

This article explains the purpose, syntax, optional parameters, and practical examples of PHP's htmlspecialchars() function, demonstrating how to safely convert special characters to HTML entities, control encoding and flags, avoid double‑encoding, and follow important usage considerations for secure web development.

PHPWeb SecurityXSS
0 likes · 6 min read
How to Use PHP htmlspecialchars() to Escape Special Characters and Prevent XSS
php中文网 Courses
php中文网 Courses
Aug 11, 2023 · Information Security

PHP Code Security Testing: Review, Tools, and Practices

This article explains how to secure PHP web applications by performing code reviews, validating user input, preventing SQL injection and XSS, and using security testing tools such as PHP Security Scanner, OWASP ZAP, and Kali Linux, along with practical testing methods like boundary, authorization, and exception handling.

Code ReviewPHPSQL injection
0 likes · 5 min read
PHP Code Security Testing: Review, Tools, and Practices