Skip to content

Commit

Permalink
Update a7-xss.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@subashsn
subashsn authored Sep 17, 2018
1 parent 5817495 commit 7f2adc3
Showing 1 changed file with 1 addition and 5 deletions.
6 changes: 1 addition & 5 deletions docs/solution/a7-xss.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,10 +111,6 @@ c_email.textContent = users[i].email;
```
The most fundamental safe way to populate the DOM with untrusted data is to use the safe assignment property, `textContent`.

**Fixes**

TBD

**Recommendation**

- Use Security header `X-XSS-Protection` to prevent reflected XSS attacks
Expand All @@ -126,4 +122,4 @@ TBD
**Reference**

- <https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)>
- <https://www.npmjs.com/package/xss-filters>
- <https://www.npmjs.com/package/xss-filters>

0 comments on commit 7f2adc3

Please sign in to comment.