Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › Data Bridge › HTML Editor (formerly iRite) › Cross site scripting

Cross site scripting

Thread began 3/23/2010 7:16 pm by james404001 | Last modified 3/24/2010 6:55 am by james404001 | 721 views | 1 replies

3/24/2010 6:55 amRay BorduinWebAssist

If your irite form is protected with a login, then no hackers could be put in a position where they could use them to cross-site script... That is probably the best defense.

If you need to put your form fields in an open area where hackers can play with them, then displaying it later to another user, then you definitely would want to do something to prevent cross-site scripting. In order to take advantage of cross site scripting the hacker has to have access to the form, displayed results, and usually some other user has to be able to view the results for any real harm.

In most situations I'd just suggest protecting the form so that cross site scripting is unlikely to be done by someone with administrative privilages.

Did this help? Tips are appreciated...

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.