Website prevents XSS problems

There is a form on the

website. I enter < script > alert (22) < / script > in the form and click submit. Why is the website transferred to http://test.baidu.com/off_we_go.html? A blank page like this? Have you done something to prevent XSS treatment?

Mar.03,2021

you can try this: https://github.com/leizongmin/js-xss

"

if SQL is injected, it can be solved by using PreparedStatement;
Using JSTL's Cout, you can also lose some tags on Filter;
The data requested by ajax can also be escaped with HtmlEncode.


there are libraries that prevent xss attacks by escaping tags so that when displayed on a web page, browsers will only display tags as characters


the front-end XSS Filter will be bypassed, and only in the back-end Filter can it be foolproof. Reference:
how to use Filter untrusted input to defend websites from being XSS?

MySQL Query : SELECT * FROM `codeshelper`.`v9_news` WHERE status=99 AND catid='6' ORDER BY rand() LIMIT 5
MySQL Error : Disk full (/tmp/#sql-temptable-64f5-1eaf4c6-2240.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
MySQL Errno : 1021
Message : Disk full (/tmp/#sql-temptable-64f5-1eaf4c6-2240.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
Need Help?