Cross-Site Scripting Detection Source Code to Prevent Cross-Site Attack by Using Taint Code Analysis


  • Amirul Asyraf Bin Rosland saleh


Abstract—PHP is a general purpose development language for creating web pages. Most grasp PHP syntax rather quickly and will within short time be able to produce a script that works using online tutorials, references and books. The problem is that most people forget the security aspect of PHP that one must consider when writing PHP application. Web application are written in PHP and have become major targets due to the large number of application. At the same time, cross-site scripting vulnerabilities continue to be identified in existing software threatening the security of client data. This application can identify Cross-site scripting vulnerabilities in code during the development process could reduce the number of vulnerabilities that make it into production code and threaten users.the most common web application vulnerabilities and mechanisms required to write secure code by leveraging PHP's unique features. Also mentioned are the common programming mistakes done by developers when building web applications and to protect against vulnerabilities.