About the Author

Chris Shiflett

Hi, I’m Chris: entrepreneur, community leader, husband, and father. I live and work in Boulder, CO.


XSS Cheatsheet

I stumbled upon an interesting resource today - the XSS Cheatsheet. This is a really wonderful collection of XSS (cross-site scripting) test cases. If you don't know what XSS is, you might find the following resources helpful:

Christian has developed a script for filtering data specifically for XSS. He also has an example implementation where you can try it out for yourself - maybe someone with some free time can try entering all of the test cases to see if any of them expose a weakness.

About this post

XSS Cheatsheet was posted on Wed, 26 Jan 2005.

7 comments

1. Diane said:

Was trying the test cases at ha.ckers.org/xss.html and found one that worked. Thought you might be interested:

<IMG STYLE='no\xss:noxss("/*");

xss:ex/*XSS*/pression(alert("XSS"))'>

Fri, 16 Sep 2005 at 20:27:56 GMT


2. Chris Shiflett said:

I'll let Christian know. Thanks.

Mon, 19 Sep 2005 at 06:23:00 GMT