created by griffio
Input from untrustworthy sources must be secured so that it cannot take control of the output
Encode or escape content to make it structurally compatible with the output
Sanitize or create trustworthy content using a whitelist
There has to be some contextual understanding of the data
Your Application has hundreds of HTML templates containing dynamic variables from mixed sources
A ticking time-bomb of potential exploits that needs to be defused before the application can be used to support token-based applications
Exploitation of XSS (reflected or persistent) results in the complete compromise of the targeted application
The attacker enters bobbie" onmouseover="alert(1) as their name
[username]
Resulting in an exploit that runs in the user agent
If an attacker can run code in your browser environment then other protections such as XSRF defences can be overcome
Exploits are only avoided by developers following best practices all the time
Some convention is needed to determine right from wrong
Allow HTML authored by third-parties into your web application while protecting against XSS
String unsafe = "<p>Can be anything <script>alert('Boo!')</script></p>";
HtmlSafe safe = HtmlSafe.from("<p>Only what we explicitly allow</p>");
Values carry a type that determines whether they are Safe or Unsafe
Enforce a whitelist of allowable content through Policies and produce trustworthy markup
import org.owasp.html.PolicyFactory;
import org.owasp.html.Sanitizers;

String unsafe = "<p...<script...<a href=...";
// whitelist: inline formatting elements plus links with standard URL protocols
PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
// only markup that came through the policy is allowed to become HtmlSafe
HtmlSafe safe = HtmlSafe.from(policy.sanitize(unsafe));
Ensure HTML content is sanitized; otherwise escape it!
Baked into the templating engine: only Safe types can be rendered without being escaped
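The following is an added example, not code from the original slides, showing both points above in one program: the attribute-injection name from the [username] example is neutralised by escaping, and third-party HTML is reduced to a whitelist by the OWASP Java HTML Sanitizer. HtmlSafe, Template, HtmlSafeDemo and the sample inputs are assumptions made for this demo; PolicyFactory and Sanitizers are the real org.owasp.html API, assumed to be on the classpath. The renderer has no overload that accepts a plain String, so the type system, not developer discipline, decides what may reach the output unescaped.

```java
import org.owasp.html.PolicyFactory;
import org.owasp.html.Sanitizers;

/**
 * Added example: a Safe/Unsafe type split enforced by the renderer.
 * HtmlSafe, Template and the sample inputs are assumptions for this demo;
 * PolicyFactory and Sanitizers come from the OWASP Java HTML Sanitizer.
 */
public class HtmlSafeDemo {

    /** Markup that has been escaped or whitelist-sanitized. A plain String is never accepted as safe. */
    public static final class HtmlSafe {
        private final String markup;

        // Private: the only ways to obtain an HtmlSafe are escape() and sanitize()
        private HtmlSafe(String markup) { this.markup = markup; }

        /** Untrusted text becomes data: safe in HTML text and in double-quoted attribute values. */
        public static HtmlSafe escape(String untrusted) {
            StringBuilder out = new StringBuilder(untrusted.length() + 16);
            for (int i = 0; i < untrusted.length(); i++) {
                char c = untrusted.charAt(i);
                switch (c) {
                    case '&':  out.append("&amp;");  break;
                    case '<':  out.append("&lt;");   break;
                    case '>':  out.append("&gt;");   break;
                    case '"':  out.append("&quot;"); break;
                    case '\'': out.append("&#39;");  break;
                    default:   out.append(c);
                }
            }
            return new HtmlSafe(out.toString());
        }

        /** Third-party HTML is reduced to what the whitelist policy explicitly allows. */
        public static HtmlSafe sanitize(String untrustedHtml, PolicyFactory policy) {
            return new HtmlSafe(policy.sanitize(untrustedHtml));
        }

        @Override public String toString() { return markup; }
    }

    /** Minimal template: "{}" placeholders are filled left to right, and only HtmlSafe values are accepted. */
    public static final class Template {
        private final String pattern;

        public Template(String pattern) { this.pattern = pattern; }

        // Deliberately no render(String...) overload: raw strings cannot reach the output
        public String render(HtmlSafe... values) {
            StringBuilder out = new StringBuilder();
            int next = 0;
            int from = 0;
            for (int at = pattern.indexOf("{}", from); at >= 0; at = pattern.indexOf("{}", from)) {
                if (next >= values.length) {
                    throw new IllegalArgumentException("not enough values for template");
                }
                out.append(pattern, from, at).append(values[next++].toString());
                from = at + 2;
            }
            out.append(pattern.substring(from));
            return out.toString();
        }
    }

    public static void main(String[] args) {
        // Constructed attacker input: the name from the attribute-injection example
        String attackerName = "bobbie\" onmouseover=\"alert(1)";

        // Unsafe: concatenation lets the embedded quote close the attribute and add an event handler
        String concatenated = "<input value=\"" + attackerName + "\">";
        System.out.println("unsafe   : " + concatenated);

        // Safe: the template only takes HtmlSafe, so the name is escaped before it reaches the attribute;
        // both double quotes are emitted as &quot; and the attribute value cannot be closed early
        Template form = new Template("<input value=\"{}\">");
        System.out.println("escaped  : " + form.render(HtmlSafe.escape(attackerName)));

        // Third-party HTML: sanitize against a whitelist instead of escaping it wholesale
        PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
        String thirdParty = "Hi <b>there</b><script>alert('Boo!')</script>"
                + "<a href=\"javascript:alert(1)\">x</a>";
        Template post = new Template("<div class=\"post\">{}</div>");
        System.out.println("sanitized: " + post.render(HtmlSafe.sanitize(thirdParty, policy)));
        // The <script> element is dropped and the javascript: href fails the URL whitelist;
        // <b> survives because FORMATTING allows inline formatting elements.

        // post.render("<b>raw</b>") would not compile: the rule is enforced by the type, not by convention
    }
}
```

Compile and run with the owasp-java-html-sanitizer jar on the classpath. The point of the design is the private constructor: every HtmlSafe value has provably passed through either escape() for text or a PolicyFactory for markup, so a template engine that accepts only HtmlSafe cannot be handed raw user input by accident.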
ACM Queue: Preventing Script Injection Vulnerabilities through Software Design
Like the money in your wallet, once stolen, bearer tokens can be used without provenance
It is not enough to just say tokens are safe because XSS protection is in place
It requires continuous research, development and testing of contextual escaping filters