Web Security Basics: Cross-Site Scripting

Learn how to secure your application against cross-site scripting (XSS) attacks

Web application security can be a difficult topic. With the constant threat from attackers all over the world and so many different methods of attack learning them all can seem impossible. If you take them one chunk at a time, though, it's much easier. This course aims to teach you about one of those "chunks" - Cross-Site Scripting.

Cross-site scripting is an attack that is very wide spread and has lead to the compromise of many companies on the web, both major and minor. Join me as I walk you through the attack, how it can be used to exploit a site and how to prevent it. We'll discuss:

  • What cross-site scripting (XSS) is and some of the history behind it
  • Common uses for this kind of exploit (including examples)
  • How to prevent it in your application, complete with PHP-based examples
  • Additional resources where you can learn more about the attack type
  • Tools you can integrate into your application to prevent it in the future

So join me and learn about this common web application security issue and how you can protect you and your application from its effects!

Your Instructor

Chris Cornutt
Chris Cornutt

For the last 12+ years, Chris has been involved in the PHP community in one way or another. These days he's the Senior Editor of, lead author for, a site dedicated to teaching developers about security, and the Securing PHP project. He's also written for several PHP publications and has spoken at conferences in both the U.S. and Europe on security-related topics. He's also an organizer of the Dallas PHP User Group and the Lone Star PHP Conference and works as an Application Security Engineer for Duo Security.

Frequently Asked Questions

When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.
How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.
What if I am unhappy with the course?
We would never want you to be unhappy! If you are unsatisfied with your purchase, contact us in the first 30 days and we will give you a full refund.

Get started now!