O'Reilly logo

Serverless Single Page Apps by Ben Rady

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Cross-Site Scripting Attacks

A cross-site scripting (XSS) attack involves including <script> tags or other HTML markup in content that is appended directly to HTML elements in a page. This causes the markup to be evaluated, and in the case of <script> tags, this means that the JavaScript inside the tags will be evaluated. Since single page apps make heavy use of dynamic HTML, we need to be concerned about this kind of attack.

XSS Injection Methods

In 2014, programmer Jamie Hankins demonstrated a flaw in many websites that provide DNS information. DNS records are public and free to access, so many sites have sprung up to let people easily find this information on the web. Unfortunately, some of these sites are hastily constructed, and they found ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required