Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Jan 10, 2013 01:53 AM by fredd_and
Jan 09, 2013 03:38 PM|LINK
i have website without any form in it, we only give information one way to client, but our website got xss attack and the browser can not read css corecly ( i think) , when i test the page in my local machine nothing wrong, all tag in correct position.
How other can inject script if there is no form in the page?
is there any tool for analize runing website or localhot from xss attack? i try xss me from firefox but it can not analize page without form.
i am using cshtml page, how to defend it from xss attack ?
i use 2 domain and 1 sub domain has same copy of the website, but all of them can not run correcly in production server now, even we put it in different server and different IP adrress, it`s only working in my localhost or intranet. any guide to handle this
kind attack ? i try googling but seem can not find one yet.
Jan 09, 2013 06:43 PM|LINK
You defend against XSS by ensuring that all user input is HTML Encoded when it is written to the browser. This happens by default in Web Pages.
From the description you provide, it doesn't sound like you have been subject ot an XSS attack. Why do you think you have?
Jan 10, 2013 12:45 AM|LINK
Jan 10, 2013 01:53 AM|LINK
got it, some news input in other site make our website can be hack by other...