The greatness of a nation and its moral progress can be judged by the way its animals are treated. I hold that the more helpless a creature the more entitled it is to protection by man from the cruelty of humankind.
Chapter 11Fight Cross-Site Scripts
In the previous chapters we focused on securing our application’s server-side code. In this chapter, we shift to the browser and look at the client side to protect the users. We’ll look at one of the most common attack vectors on the web: cross-site scripting (XSS, and yes, that’s how it’s written).
An XSS attack executes a malicious script in the targeted person’s web browser as if the script was part of the website. There’s a place somewhere on the website where user input wasn’t ...
Get Secure Your Node.js Web Application now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.