curiouswebster
asked on
How to protect against DOM based attacks?
How to protect against DOM based attacks?
This article:
https://github.com/aspnet/Docs/blob/master/aspnetcore/security/cross-site-scripting.md
Holds a warning:
[!WARNING] Don't concatenate untrusted input in JavaScript to create DOM elements. You should use createElement() and assign property values appropriately such as node.TextContent=, or use element.SetAttribute()/ele ment[attri bute]= otherwise you expose yourself to DOM-based XSS.
My C# / MVC / Razor web app was written some time ago, with little worry for XSS.
What key words shall I search for to assess the exposure to DOM based attacks?
Thanks
This article:
https://github.com/aspnet/Docs/blob/master/aspnetcore/security/cross-site-scripting.md
Holds a warning:
[!WARNING] Don't concatenate untrusted input in JavaScript to create DOM elements. You should use createElement() and assign property values appropriately such as node.TextContent=, or use element.SetAttribute()/ele
My C# / MVC / Razor web app was written some time ago, with little worry for XSS.
What key words shall I search for to assess the exposure to DOM based attacks?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You are welcome.
ASKER