Web application security can be a difficult topic. With the constant threat from attackers all over the world and so many different methods of attack learning them all can seem impossible. If you take them one chunk at a time, though, it's much easier. This course aims to teach you about one of those "chunks" - Cross-Site Scripting.
Cross-site scripting is an attack that is very wide spread and has lead to the compromise of many companies on the web, both major and minor. Join me as I walk you through the attack, how it can be used to exploit a site and how to prevent it. We'll discuss:
So join me and learn about this common web application security issue and how you can protect you and your application from its effects!
For the last 12+ years, Chris has been involved in the PHP community in one way or another. These days he's the Senior Editor of PHPDeveloper.org, lead author for Websec.io, a site dedicated to teaching developers about security, and the Securing PHP project. He's also written for several PHP publications and has spoken at conferences in both the U.S. and Europe on security-related topics. He's also an organizer of the Dallas PHP User Group and the Lone Star PHP Conference and works as an Application Security Engineer for Duo Security.