Sunday, September 16, 2012
Hey all, in this tutorial I will be telling you all the countermeasures against XSS :)
Check and validate all the form fields, hidden fields, headers, cookies, query strings and all the parameters against a rigorous specification.
Implement a stringent security policy.
Web servers, application servers, and web application environments are all vulnerable to cross-site scripting. It is hard to identify and remove XSS flaws from web applications. The best way to find them is to perform a security review of the code and search every place where input from an HTTP request is written back out as HTML.
A variety of different HTML tags can be used to transmit malicious JavaScript. Nessus, Nikto and other tools can help to some extent by scanning a website for these flaws. If a vulnerability is discovered in one part of a website, there is a high chance that it is vulnerable to other attacks as well.
Filter or encode the script output to defeat XSS vulnerabilities; this prevents injected scripts from being transmitted to users.
The entire code of the website has to be reviewed if it is to be protected against XSS attacks. The sanity of the code should be checked by reviewing it and comparing it against exact specifications. The following areas should be checked: headers, cookies, query strings, form fields and hidden fields. During validation there must be no attempt to recognize active content and then remove, filter or sanitize it.
There are many ways to encode active content so that it slips past known filters. A “positive security policy” is highly recommended, which specifies exactly what is allowed and removes everything else. Negative or attack-signature-based policies are hard to maintain, as they are always incomplete.
Input field length should be limited to a maximum, since most script attacks need several characters to succeed.
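The following is an added example (not code from the original post) of the two countermeasures described above: a positive security policy that validates each request parameter against an explicit allow-list specification with a maximum length, and HTML output encoding applied wherever request data is written back into a page. The field names, patterns and sample values are constructed for illustration; a small signature-based filter is included only to show why the post discourages negative policies.

```javascript
// Added example, not part of the original post. Field specs, names and
// sample input are constructed for illustration.

// Positive security policy: each field states exactly what is allowed
// (character set and maximum length). Anything else is rejected.
const FIELD_SPEC = {
  username: { pattern: /^[A-Za-z0-9_]{3,20}$/, maxLength: 20 },
  age:      { pattern: /^[0-9]{1,3}$/,         maxLength: 3 },
  comment:  { pattern: /^[\p{L}\p{N} .,!?'-]{0,200}$/u, maxLength: 200 },
};

// Validate every parameter (form field, query string, cookie value, ...)
// against its spec. Unknown fields, over-long values and values containing
// characters outside the allow-list are all rejected.
function validateParams(params) {
  const errors = [];
  const clean = {};
  for (const [name, value] of Object.entries(params)) {
    const spec = FIELD_SPEC[name];
    if (!spec) {
      errors.push(`unexpected field: ${name}`);
      continue;
    }
    if (typeof value !== 'string' || value.length > spec.maxLength) {
      errors.push(`${name}: not a string or exceeds ${spec.maxLength} characters`);
      continue;
    }
    if (!spec.pattern.test(value)) {
      errors.push(`${name}: contains disallowed characters`);
      continue;
    }
    clean[name] = value;
  }
  return { ok: errors.length === 0, clean, errors };
}

// Encode data before writing it into an HTML body, so that any active
// content reaches the browser as inert text rather than as markup.
function htmlEncode(s) {
  const map = {
    '&': '&amp;', '<': '&lt;', '>': '&gt;',
    '"': '&quot;', "'": '&#x27;', '/': '&#x2F;',
  };
  return String(s).replace(/[&<>"'\/]/g, (c) => map[c]);
}

// Negative (signature-based) policy, shown only to illustrate the post's
// point: it strips one exact spelling of a tag and misses any variant.
function naiveBlocklistFilter(s) {
  return s.replace(/<script>/g, '');
}

// Render a validated comment with output encoding applied.
function renderComment(comment) {
  return `<p>${htmlEncode(comment)}</p>`;
}

module.exports = { validateParams, htmlEncode, naiveBlocklistFilter, renderComment };
```

The allow-list approach rejects a value because it is not on the list of permitted characters, so it does not need to know any attack signature; the blocklist approach has to enumerate every encoding of every tag and fails on the first one it has not seen.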