PHP
Brendan Castaneda, 2020-10-02 17:13:17

How to check a form for submitting messages from a site for XSS injection?

I have a form for sending messages from the site to my email.
Any user can write a message and send it.
The form is submitted via PHP:

<form enctype="multipart/form-data" method="post" id="form" action="send.php">

After sending (pressing the button), it redirects to a new page that says thank you.

If you insert <script>alert('aa');</script> or <script>alert(document.cookie)</script> into the form, it will stupidly send this whole thing to me by mail (although the fields will be empty in the incoming message).

I don't know how to try to get the JS code output to the screen in a similar way in it; it immediately sends everything on click.

1 answer(s)
Adamos, 2020-10-02
@ae_ph

https://www.php.net/manual/en/function.htmlentities.php
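
How the linked function fits a handler like the question's send.php, as an added example that is not part of the original thread or the asker's code: submitted values are sent as plain text, and anything echoed back on the thank-you page is encoded with htmlentities(). The field names "name" and "message", the helper names, and the recipient address are assumptions.

```php
<?php
// Added example, not the asker's send.php. Field names and helper names are
// hypothetical. mb_substr() needs the mbstring extension.

// Encode a value for an HTML context so markup is displayed, not executed.
function e(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Read a POST field as a trimmed, length-limited string.
// Array input (name[]=...) is rejected instead of being cast.
function field(array $post, string $key, int $maxLen): string
{
    $raw = $post[$key] ?? '';
    if (!is_string($raw)) {
        return '';
    }
    return mb_substr(trim($raw), 0, $maxLen);
}

// Build the mail as text/plain: a mail client then shows tags literally.
function buildMail(array $post): array
{
    $name    = field($post, 'name', 100);
    $message = field($post, 'message', 5000);
    // Strip CR/LF from anything placed in a header line (header injection).
    $subject = 'Site message from ' . str_replace(["\r", "\n"], ' ', $name);
    $headers = ['Content-Type' => 'text/plain; charset=UTF-8'];
    return [$subject, "From: $name\n\n$message", $headers];
}

// Constructed sample input, using the payload from the question.
$post = ['name' => 'Test', 'message' => "<script>alert('aa');</script>"];

[$subject, $body, $headers] = buildMail($post);
// Assumed recipient; array headers are accepted by mail() since PHP 7.2.
// mail('you@example.com', $subject, $body, $headers);

// Thank-you page: every submitted value echoed back goes through e().
echo '<p>Thank you, ' . e(field($post, 'name', 100)) . '.</p>', PHP_EOL;
echo '<pre>' . e($body) . '</pre>', PHP_EOL;
```

In a real handler `$post` would be `$_POST`; encoding happens at output time for the HTML context, while the stored or mailed text keeps the original characters.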
