O'Reilly logo

Node Security by Dominic Barnes

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 5. Response Layer Vulnerabilities

The last interaction you will have with a user request is, of course, the response. The discussion here will focus on vulnerabilities and best practices for this portion of your application code. This will include Cross-site Scripting (XSS), some vectors for Denial of Service (DoS) attacks, and even HTTP headers that various browsers use for implementing specific security policies.

Cross-site Scripting (XSS)

Cross-site Scripting (XSS) is one of the more popular topics while dealing with web applications, as it is the default behavior of HTML/CSS/JavaScript in many respects. Specifically, XSS is an attack vector that is used to inject untrusted and likely malicious code into a web page. Usually, this is taken ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required