NEW LISTINGS 
HOT LISTINGS
TOP RATED
EDITOR PICK
ADD A LISTING
UPDATE A LISTING
GET RATED
UPGRADE A LISTING
HOT LISTINGS
TOP RATED
EDITOR PICK
ADD A LISTING
UPDATE A LISTING
GET RATED
UPGRADE A LISTING
Preventing Cross Site Script Attacks
37114
Preventing Cross Site Script Attacks
http://www.ajaxwith.com/Preventing-Cross-Site-Script-Attacks.html
Cross Site Script or XSS is one of the popular methods for attacking not only to Ajax based websites but almost any other website that accepts user inputs. Even before Ajax was conceptualized, this attack was already practiced by different hackers. There was one hack that was used in 2005 wherein MySpace.com was targeted. It uses a simple JavaScript function that could be embedded in user’s website and others. Once they view the webpage, the “My Hero” link is changed to the name of the hacker. It is practically a pyramid hack since anyone who sees the profile became the host of the hack. The code was actually posted by the builder of the hack in possible reparation for what he did. It is just a simple JavaScript that could be embedded in any website. It just does not hack any information, it practically takes over every function it wants to.
Ajax > Tips and Tutorials
Feb 20, 2008
Exforsys Inc
send email to Exforsys Inc
Write a Review
Add to My Favorite
Refer it to Friend
Report Broken Link
| |
|
Other links owned by this user
This pages collects some of the code I am distributing.
Ok, some code is about trivial web services and not at the top of performance, but it can serve as introductory examples to newbies for learning.
Please, let me know about bugs and/or suggestions for further improvement: this is the free spirit of Open Source.
Ok, some code is about trivial web services and not at the top of performance, but it can serve as introductory examples to newbies for learning.
Please, let me know about bugs and/or suggestions for further improvement: this is the free spirit of Open Source.
Category:
Web Form Generator Script
This script is an easy-to-use tool to create reliable and efficient web forms and the best part is that absolutely no programming of any sort is required and it has the ability to create up to 100 different form fields plus can add a variety of field types including text boxes, drop down selection and more
This script is an easy-to-use tool to create reliable and efficient web forms and the best part is that absolutely no programming of any sort is required and it has the ability to create up to 100 different form fields plus can add a variety of field types including text boxes, drop down selection and more
Category:
HIOX Review Script that will enable users to write a review message or have a comment.
This software utility can be used in each or any web page and the review message for each page should be verified by the admin. The review or user comment for each page will be displayed in that web page once the admin has accepted it.
This software utility can be used in each or any web page and the review message for each page should be verified by the admin. The review or user comment for each page will be displayed in that web page once the admin has accepted it.
Category:
This tutorial will show you how to install Apache 2.0.59, PHP 5.2.3 and MySQL 5.0.41 on machine running Windows XP.
Category:
6. Tag Cloud
In this tutorial i am going to show you how to create a basic word / tag cloud using php. I am going to create a class based cloud, this is because it will be more convenient for people to adapt it on there own websites, if you don't know much about class based programming then click here to take a look at the class tutorial.
Category:
UMScript is suitable for a wide variety of media websites. Over 20 file types supported and ability to add your own! The most flexible media script available today!
UMScript is set to be a constantly evolving product - new features being added regularly at no extra charge!
UMScript is set to be a constantly evolving product - new features being added regularly at no extra charge!
Category:
This is a very nice looking social networking site that links people by their zodiac sign. This site also features a live horoscope feed that will tell the user their horoscope every day once they are logged in! Zodiac sign is automatically assigned by user's entering in their birthdate. Features a message board, private messaging, media uploads, extensive profiles, blogs and comments, and user created groups. Members can join a group and also leave comments for groups. A very, very nice script, indeed.
Category:
kSphell API is a nifty little spell checking application capable of spell checking individual words and phrases. Below is a list of features and a working demo.
Category:
4L hit counter is a very simple text based hit counter.It uses only 4 lines of PHP code.Place this script into webpage (e.g. sidebar.php for wordpress template or in a specific page as you need).This script will count the number of times a page is called and store this number into a simple text file(e.g. hits.txt).
Category:
Most computers will have a firewall preventing others from accessing your computer.
To get around this issue, open up Port 22 for incoming connections. This will be the
only port that is open due to the ssh/sftp protocol one connection connectivity.
To get around this issue, open up Port 22 for incoming connections. This will be the
only port that is open due to the ssh/sftp protocol one connection connectivity.
Category:
12. Moonware Hits
This simple to use Hit Counter also includes a IP ban system. All unique IP's are stored in a MySQL database. From here you can ban any IP's you do not want to view your website just by including a simple code at the top of the page. Install file included! and also full detailed instructions. If you have any problems, please do contact me via the contact page.
Category:
In this article, you will learn about URL Rewriting in ASP.NET 2.0. URL Rewriting was originally introduced by Apache as an extensions called mod_rewrite. The concept of URL rewriting is simple. It allows you to rewrite URL from those ugly URL into a better URL and hence it will perform better in SEO.
Most Search Engines will ignore those dynamic URL such as the one ended with querystring
e.g http://www.worldofasp.net/displayproduct.aspx?ID=10
Therefore if you like to have more hits and traffic from search engine, consider of rewriting all those querystring url into normal URL.
Most Search Engines will ignore those dynamic URL such as the one ended with querystring
e.g http://www.worldofasp.net/displayproduct.aspx?ID=10
Therefore if you like to have more hits and traffic from search engine, consider of rewriting all those querystring url into normal URL.
Category:
No Special Server Setup Your host server doesn't have to be able to run scripts of any kind, our robust server process the form, deliver you the information and then redirect the visitor back to your page, without the user ever knowing they left your site. This means our forms will work on any type of web server.
Category:
15. Sprigst Calendar
Sprigst Calendar is very widely used free JavaScript Calendar control that makes it easy for your visitors to fill out the date fields by selecting the date from a calendar. Our JavaScript Calendar is the best solution for website development. Sprigst Calendar is a verified, extremely fast, small cross-browser JavaScript control.
Category:
This simple function dynamically inserts css into the head of any web page to change the background and/or background image of an html tag, class or id based on the time of the day.
Category:
WinUtilities all in one suite is a collection of tools to optimize your system performance and remove unneeded files and internet tracks. this suite allows you to find and remove invalid registry entries, delete your application and internet history, manage your cookies and more. with a startup Cleaner you can also see what programs start automatically with windows and optionally disable selected items. furthermore, WinUtilities includes options to find true duplicate files, Erase traces of activity, fix or remove broken shortcuts and safely uninstall software. other features include secure file deletion, application protect, file split and rejoin, registry backup and restore, BHO Remove, Auto Shutdown, manage Windows Tools, manage scheduled tasks, and much more.
Category:
18. Multiple Uploads
Upload multiple files at once to your server. This is a basic script and is meant as a building block, no security measures have been taken for this version.
Simple installation
Easily integrates into your website
Simple layout allows you to customize with ease.
Simple installation
Easily integrates into your website
Simple layout allows you to customize with ease.
Category:
Other links at Ajax > Tips and Tutorials
OK, this is my second tutorial for AJAX Freaks, so bear with me. Have you ever seen or wished you could have live data on your website? Have you got data stored in a database that UPDATEs reguarly? This tutorial will explain how you can achieve this effect using AJAX and PHP. As I mentioned in my first tutorial, this can be achieved in almost any server side scripting langauge, as long as you know how to make database queries in your desired langauge. I suggest that you know how to use the basic XMLHttpRequest object, if not then you might want to check out my first tutorial on introducing you to AJAX found here. You can find the entire
Category:
Seam – Developed by JBoss, this framework was developed by the said company to cater to the trend of Web 2.0 sites. This framework is the combination of two known frameworks for Java: EJB3 or Enterprise Javabeans and JSF or JavaServer Faces.
Spring Web Flow – admittedly the name is rather cute. But if anything could be described for this application, it is not cute. Spring Web Flow is one of the most powerful Java frameworks if you want to develop an Ajax based application.
Spring Web Flow – admittedly the name is rather cute. But if anything could be described for this application, it is not cute. Spring Web Flow is one of the most powerful Java frameworks if you want to develop an Ajax based application.
Category:
When an Ajax based website performs a function, it is not just the server the sees the source code, everyone will have the ability to see the information. With the source code, hackers can easily go further and go right directly to the server. That even goes to the information that can only be accessed by web administrator. Even without the admin username and password, hackers could easily bypass this authorization requirement and go directly to the information found in the server.
Category:
Ajax stands for Asynchronous JavaScript and XML. In a nutshell, it is the use of the nonstandard XMLHttpRequest() object to communicate with server-side scripts. It can send as well as receive information in a variety of formats, including XML, HTML, and even text files.
Category:
regular website could easily cache the page’s information. The whole webpage is saved in the temporary folder so that it could be accessed faster the next time user visits the particular page. Unfortunately, this concept is only applied to HTML and other websites where the whole webpage is refreshed whenever something new is added.
Category:
Main Category
165
2028
756
275
169
1801
1074
892
1127
7088
70
874
58
2145
170
Join Mailing List
Joining mailing list will entitle you
to receive occasional emails informing you of news and
updates to the site and any special offers that may be
of interest to you.
Top 10
Directory Statistics
Links: 18673
Categories: 1275
Registered Users: 533
Mailing List Subscribers: 2031
Unique Outgoing Hits: 192436
Pagerank Statistics
PHP News