XSS

Prevention

Notes and commands for Prevention.

2025-05-13
Tags: web, xss, prevention

Input Sanitization

Frontend

f.e.

User input should never be placed directly inside any of the following:

- JavaScript code
- CSS Style Code
- Tag/Attribute Fields
- HTML Comments
- DOM.innerHTML
- DOM.outerHTML
- document.write()
- document.writeln()
- document.domain()
- html()
- parseHTML()
- add()
- append()
- prepend()
- after()
- insertAfter()
- before()
- insertBefore()
- replaceAll()
- replaceWith()
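One way to audit frontend code against this list, as an added example that is not part of the original notes: a heuristic scan that reports every line using one of the listed DOM properties or method calls, so each hit can be reviewed for user input reaching it. The rules, the function name findSinks and the SAMPLE source are constructed for illustration; generic names such as add() will also match unrelated code, so hits are review candidates, not confirmed bugs.

```javascript
// Added example: heuristic scan for the DOM/jQuery-style sinks named in the list above.
// Sink names come from the page; the rules and SAMPLE source are constructed.
const PROPERTY_SINKS = ["innerHTML", "outerHTML"];
const DOCUMENT_SINKS = ["write", "writeln"];
const METHOD_SINKS = ["html", "parseHTML", "add", "append", "prepend", "after",
  "insertAfter", "before", "insertBefore", "replaceAll", "replaceWith"];

const RULES = [
  // el.innerHTML = x / el.outerHTML += x (assignment only, not == or a read)
  new RegExp(`\\.(${PROPERTY_SINKS.join("|")})\\s*\\+?=(?!=)`, "g"),
  // document.write(x) / document.writeln(x)
  new RegExp(`\\bdocument\\.(${DOCUMENT_SINKS.join("|")})\\s*\\(`, "g"),
  // .html(x), .append(x), ... only with an argument: a bare .html() is a read
  new RegExp(`\\.(${METHOD_SINKS.join("|")})\\s*\\(\\s*(?![\\s)])`, "g"),
];

// Returns [{ line, sink, code }] for every sink use found in `source`.
function findSinks(source) {
  const findings = [];
  source.split("\n").forEach((text, i) => {
    const code = text.trim();
    if (code.startsWith("//")) return; // skip whole-line comments
    for (const re of RULES) {
      for (const m of code.matchAll(re)) {
        findings.push({ line: i + 1, sink: m[1], code });
      }
    }
  });
  return findings;
}

// Constructed sample: `name` is user-controlled (taken from the URL).
const SAMPLE = [
  'const name = new URLSearchParams(location.search).get("name");',
  'document.getElementById("greet").innerHTML = "Hi " + name;', // flagged
  'document.write("<p>" + name + "</p>");',                     // flagged
  '$("#out").append(name);',                                    // flagged
  'const current = $("#out").html();',                          // read only
  'if (el.innerHTML === "") { el.textContent = name; }',        // comparison + safe sink
  '// el.outerHTML = name;',                                    // comment
].join("\n");

for (const f of findSinks(SAMPLE)) {
  console.log(`line ${f.line}: ${f.sink} -> ${f.code}`);
}
```

Line 6 of the sample shows the usual replacement: textContent treats the value as text, so it is not reported.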