Insecure Processing of Data
This category covers the following issues:
Cross-Site Scripting (XSS)
Why is this important?
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise trusted websites. XSS attacks allow attackers to target legitimate users of a web application by sending malicious script code to them.
Check out this video for a high-level explanation:
Fixing Cross-Site Scripting
Option A: Perform output encoding
- Go through the issues that GuardRails identified in the PR.
- Look for patterns like this:
echo "Hello, " . $_GET['name'];
and replace it with:
$name = htmlspecialchars($_GET['name']), ENT_QUOTES;
echo "Hello, " . $name;
// Note that htmlspecialchars($a, ENT_QUOTES), doesn't protect against
// user input in certain attributes. Such as <a href='$input'>x</a>.
// For these usecases, leverage http://php.net/rawurlencode
- Test it
- Ship it 🚢 and relax 🌴
More information:
- Docs for htmlspecialchars()
- Docs for rawurlencode()
- OWASP Cheat Sheet - XSS