Serverless Single Page Apps

Cross-Site Scripting Attacks

A cross-site scripting (XSS) attack involves including <script> tags or other HTML markup in content that is appended directly to HTML elements in a page. This causes the markup to be evaluated, and in the case of <script> tags, this means that the JavaScript inside the tags will be evaluated. Since single page apps make heavy use of dynamic HTML, we need to be concerned about this kind of attack.

XSS Injection Methods

In 2014, programmer Jamie Hankins demonstrated a flaw in many websites that provide DNS information. DNS records are public and free to access, so many sites have sprung up to let people easily find this information on the web. Unfortunately, some of these sites are hastily constructed, and they found ...

Get Serverless Single Page Apps now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Serverless Single Page Apps by Ben Rady

Cross-Site Scripting Attacks

XSS Injection Methods

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly