Brakeman Pro - Cross-Site Scripting in Rails
21-Sep-2017
In the end, a web server provides HTML for a browser to render. That HTML is composed from many sources including, potentially, an attacker. Anywhere a site accepts external input can become a vector for XSS payloads: usernames, comments, reviews, bios, search queries, etc. But not just input forms! Query parameters, headers, cookies - anything the attacker can send to the server could be a source of XSS.
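The point above as an added example (not code from the original article or from Brakeman): values from a query parameter, a header and a cookie all land in the same page, rendered once without and once with HTML escaping. It uses Ruby's standard-library ERB, which does not escape `<%= %>` output, and the request hash, templates and helper names are constructed for illustration.

```ruby
require "erb"

# Constructed sample request: each value arrives by a different route, and
# all of them are under the client's control.
SAMPLE_REQUEST = {
  query:   { "q"          => %q{"><script>alert(1)</script>} },
  headers: { "User-Agent" => %q{<img src=x onerror=alert(2)>} },
  cookies: { "theme"      => %q{dark"><svg onload=alert(3)>} }
}.freeze

# Stdlib ERB emits <%= %> output as-is, so these values reach the page as markup.
UNESCAPED_VIEW = <<~'HTML'
  <body class="<%= req[:cookies]["theme"] %>">
  <p>Results for <%= req[:query]["q"] %></p>
  <p>Your browser: <%= req[:headers]["User-Agent"] %></p>
  </body>
HTML

# Same view, with every external value HTML-escaped at the point of output.
ESCAPED_VIEW = <<~'HTML'
  <body class="<%= ERB::Util.html_escape(req[:cookies]["theme"]) %>">
  <p>Results for <%= ERB::Util.html_escape(req[:query]["q"]) %></p>
  <p>Your browser: <%= ERB::Util.html_escape(req[:headers]["User-Agent"]) %></p>
  </body>
HTML

# Render a template source with `req` visible to it as a local variable.
def render_view(source, req)
  ERB.new(source).result(binding)
end

# Tags found in the rendered page that the template itself never wrote.
def injected_tags(html)
  html.scan(/<(script|img|svg)\b/i).flatten
end

if __FILE__ == $PROGRAM_NAME
  puts "unescaped: #{injected_tags(render_view(UNESCAPED_VIEW, SAMPLE_REQUEST)).inspect}"
  puts "escaped:   #{injected_tags(render_view(ESCAPED_VIEW, SAMPLE_REQUEST)).inspect}"
end
```

Rails views escape `<%= %>` output by default, so in a Rails application the unescaped behaviour shown here corresponds to output that has been marked safe with `raw` or `html_safe`.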