Cross-Site Scripting Detection Source Code to Prevent Cross-Site Attack by Using Taint Code Analysis

Authors

  • Amirul Asyraf Bin Rosland saleh

Abstract

Abstract—PHP is a general purpose development language for creating web pages. Most grasp PHP syntax rather quickly and will within short time be able to produce a script that works using online tutorials, references and books. The problem is that most people forget the security aspect of PHP that one must consider when writing PHP application. Web application are written in PHP and have become major targets due to the large number of application. At the same time, cross-site scripting vulnerabilities continue to be identified in existing software threatening the security of client data. This application can identify Cross-site scripting vulnerabilities in code during the development process could reduce the number of vulnerabilities that make it into production code and threaten users.the most common web application vulnerabilities and mechanisms required to write secure code by leveraging PHP's unique features. Also mentioned are the common programming mistakes done by developers when building web applications and to protect against vulnerabilities.

Published

2019-12-27

Issue

Vol. 4 No. 2 (2019)

Section

Articles

Submission of an original manuscript to the Journal of Computing Technologies and Creative Content (JTeC) will be taken to mean that it represents original work not previoussly published, that it is not being considered elsewhere for publication. All submitted articles that are published by JTeC cannot be published anywhere by the authors unless with the permission by JTeC Editors. JTeC reserves the right to the publications of the articles it published, and reserves the right to reuse the articles elsewhere for academic purposes, while still retaining the names of the original authors with the original articles.

JTeC takes the stance that the publication of scholarly research is meant to disseminate knowledge and in a not-for-profit regime, benefits neither publisher nor author financially. It sees itself as having obligation to its author and to society to make content available online now that the technology allows for such possibility.