SWE 637: Graph Coverage

Web Security II
Sooel Son
IS511

Remember XSS?
XSS: Cross-site Scripting Attack
- Reflected XSS
- Stored XSS
- DOM-based XSS
- Universal XSS

How can you mitigate the attack risks?

- HTML sanitizer
- Browser XSS filter
- Web application firewall
- Content security policy

HTML sanitizer
Libraries to clean untrusted HTML into safe HTML within the application.
- DOMPurify
- Google Closure

HTML sanitizer: DOMPurify
DOMPurify.sanitize('); => becomes
DOMPurify.sanitize('); => becomes
DOMPurify.sanitize('

abc