SIN 3WEB CLIENT–RELATED VULNERABILITIES (XSS)
OVERVIEW OF THE SIN
The advent of desktop and web-based gadgets and widgets has ushered in a more common kind of sin: that of the type-0, or DOM-based, cross-site scripting vulnerability. Notice we said “more common” and not “new”; these sins are not new, but they have become more common over the last couple of years.
The two most sinful forms of code that suffer type-0 XSS are
Gadgets and widgets
Static HTML pages on the user’s computer
A gadget or widget is nothing more than a mini-application built ...
Get 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.