A Server Side Solution for Protection of Web Applications from Cross-Site Scripting Attacks
A. Duraisamy¹, M. Sathiyamoorthy², S. Chandrasekar³
¹ A. Duraisamy, Department of Information Technology, University College of Engineering, Tindivanam (Tamil Nadu), India.
² M. Sathiyamoorthy, Department of Information Technology, University College of Engineering, Tindivanam (Tamil Nadu), India.
³ S. Chandrasekar, Department of Information Technology, University College of Engineering, Tindivanam (Tamil Nadu), India.
Manuscript received on 12 March 2013 | Revised Manuscript received on 21 March 2013 | Manuscript Published on 30 March 2013 | PP: 130-137 | Volume-2 Issue-4, March 2013 | Retrieval Number: D0546032413/13©BEIESP
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Cross-site scripting attacks occur when accessing information in intermediate trusted sites. Cross-Site Scripting (XSS) is one of the major problems of any Web application. Web browsers execute commands embedded in web pages to enable dynamic Web pages; attackers make use of this feature to force the execution of malicious code in a user's Web browser. This paper describes the possibilities for filtering JavaScript in Web applications as a server-side protection. A server-side solution effectively protects against information leakage from the user's environment. Cross-site scripting attacks are easy to execute, but difficult to detect and prevent. The flexibility of HTML encoding techniques offers the attacker many possibilities for circumventing server-side input filters that should prevent malicious scripts from being injected into trusted sites. Cross-site scripting (XSS) attacks are currently the most exploited security problems in modern web applications. These attacks make use of vulnerabilities in the code of web applications, resulting in serious consequences, such as theft of cookies, passwords and other personal credentials. They are caused by scripts that do not sanitize user input.
Keywords: Web Application, Cross Site Scripting, Server Side Solution, Detection of XSS Attacks, XSS Filter, HTML Input Filter.
Scope of the Article: Web Technologies