Like I mentioned earlier, you probably want to learn the basics on your own and then validate your protection by "attacking" your own page. Here's a great video with explanations on different techniques. The guy has also a practice area where you can practice what you've learned: youtube.com/watch?v=EoaDgUgS6QA
When you protect something, be aware of what it is you are protecting from. "XSS" is a wide range of techniques that can abuse pages. If you protect from a certain technique - e.g. HTML tags, try exploiting your own form with something like <img src/onerror=alert(1)>.
Here's another cheatsheet by Portswigger where you can see an endless list of methods: portswigger.net/web-security/cross...
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Hi,
Like I mentioned earlier, you probably want to learn the basics on your own and then validate your protection by "attacking" your own page. Here's a great video with explanations on different techniques. The guy has also a practice area where you can practice what you've learned: youtube.com/watch?v=EoaDgUgS6QA
When you protect something, be aware of what it is you are protecting from. "XSS" is a wide range of techniques that can abuse pages. If you protect from a certain technique - e.g. HTML tags, try exploiting your own form with something like
<img src/onerror=alert(1)>.Here's another cheatsheet by Portswigger where you can see an endless list of methods: portswigger.net/web-security/cross...