Evan Martin (evan) wrote in evan_tech,

xss cheat sheet

Via nikolasco, XSS cheat sheet. High signal-to-noise ratio, with snippets that make me wince like "IMG SRC=&#0000106&#000009", and Brad's favorite, "someattr="jav ascript:alert('XSS');"".

Lots of stuff on there I hadn't seen before. I'm glad I don't have to deal with this stuff.
Tags: javascript
