What is the general concept behind XSS?
As the answers on how XSS can be malicious are already given, I’ll only answer the following question left unanswered: how can i prevent XSS from happening on my websites ? As to preventing from XSS, you need to HTML-escape any user-controlled input when they’re about to be redisplayed on the page. This includes request … Read more