From the course: React: Securing Applications
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Cross-site scripting (XSS) attacks - React.js Tutorial
From the course: React: Securing Applications
Cross-site scripting (XSS) attacks
- [Instructor] Cross-site scripting attacks is when a malicious script is injected into a trusted site. For example, add JavaScript code into an unsuspecting input in a form, and then use this to do all kinds of no good. Some example of attacks have been pulling data from cookies, session tokens, and all kinds of sensitive information. Let me demonstrate an example of cross-site scripting. So go to google.com/about/appsecurity/learning/xss and once you get to this website, scroll down until you see this window here. And then click on show demo. So basically, how you do cross scripting is to add code inside of a form, so right now if I just do a search text, you're going to see that test is basically what we're searching for and the results are basically what we expect. But if we refresh that page and then go back to the demo, and then do that again but insert code with it, so if I did underline, and this is HTML by the…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.