What are the best practices for avoid xss attacks in a PHP site
Posted
by rikh
on Stack Overflow
See other posts from Stack Overflow
or by rikh
Published on 2008-09-16T11:20:02Z
Indexed on
2010/04/18
2:03 UTC
Read the original article
Hit count: 462
I have PHP configured so that magic quotes are on and register globals are off.
I do my best to always call htmlentities() for anything I am outputing that is derived from user input.
I also occasionally seach my database for common things used in xss attached such as...
<script
What else should I be doing and how can I make sure that the things I am trying to do are always done.
© Stack Overflow or respective owner