How does XSS work?

-
Cross-site scripting works by manipulating a vulnerable web site so that it returns malicious JavaScript to users. When the malicious code executes inside a victim's browser, the attacker can fully compromise their interaction with the application.


Comments

Post a Comment

Popular posts from this blog

How does request life cycle work in Laravel?

-
The entry point for all requests to a Laravel application is the public/index.php file. All requests are directed to this file by your web server (Apache / Nginx) configuration. The index.php file doesn't contain much code it's just starting point for loading the rest of the framework. The index.php file loads the Composer generated autoloader definition and then retrieves an instance of the Laravel application from bootstrap/app.php script. The first action taken by Laravel itself is to create an instance of the application/service container. HTTP / Console Kernels Next, the incoming request is sent to either the HTTP kernel or the console kernel, depending on the type of request that is entering the application. These two kernels serve as the central location that all requests flow through. For now, let's just focus on the HTTP kernel, which is located in the app/Http/Kernel.php. The HTTP kernel extends the Illuminate\Foundation\Http\ Kernel class, which defines an array...
Read more

Object oriented programming concepts in PHP

-
Is it always necessary to create objects from class? No. An object is necessary to be created if the base class has non-static methods. But if the class has static methods, then objects don’t need to be created. You can call the class method directly in this case, using the class name. How much memory does a class occupy? Classes do not consume any memory. They are just a blueprint based on which objects are created. Now when objects are created, they actually initialize the class members and methods and therefore consume memory. Can you create an instance of an abstract class? No. Instances of an abstract class cannot be created because it does not have a complete implementation. However, instances of subclass inheriting the abstract class can be created. What is a final variable? A variable whose value does not change. It always refers to the same object by the property of non-transversity. What are the differences between error and exception? Exception - Exception can be recovered b...
Read more

Basic Terminology

-
What is scripting language? A scripting language is a programming language that supports scripts programs written for a special run time environment that can interpret (rather than compile) automates and executes the tasks that could be alternatively executed by human operator. What is static Web pages? A static web page is the web page that delivered to user exactly as stored in contrast to dynamic web pages which are generated by a web application. What is Dynamic Web Pages?   A server side dynamic web page is controlled by an application server processing server side scripting. What is web server? Web server is the software used to run web application, Main functionality of server is to handle the request from the client and send response to client. What is web browser? The web browser is the software used to open the web application from the web server. Web browser can also execute HTML, Java Script, CSS and other client side script. What...
Read more