Prevent XSS [Cross-Site Scripting] Attacks

Cross-site scripting (also known as XSS) occurs when a web application gathers malicious data from a user. Often attackers will inject JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable application to fool a user (read below for further details) in order to gather data from them.

Persistent Attack Example
<script>document.location='http://www.google.com/'</script>

Non-Persistent Attack Example
http://portal.example/index.php?sessionid=12312312&username=<script>document.location='http://google.com'</script>

DOM-based Attack Example
http://www.vulnerable.site/welcome.html?name=<script>alert(document.cookie)</script> […]

Apache/php Tmp directory

Letting users upload files to your server can be very risky. If you're not careful, users could upload all sorts of harmful files, which can fill up the disk and leave tons of viruses on your server. Let's go into the very interesting topic of the tmp folder. The /tmp folder gets cleared on shutdown or boot time but never effect […]

Fonts for web designer

I am totally amazed at how to work with fonts. As far as I know, we have a TrueType (.ttf) or OpenType (.otf) file on our PC, Mac or website folder and we have to call it in CSS. But recently CSS3 brought lots of new ways to call fonts with naming conventions, which is really nice, but we are so far for […]

HTML5

There is lots of thinking about HTML5, but we are still waiting for final approval from the W3C. I am very curious about when HTML5 will support all browsers, especially Internet Explorer; that time will be golden for every web developer. They can make more advanced applications and the internet will become wow….

Resources:
http://www.dailymotion.com/html5 [Canvas tag plays a prominent role in videos]
http://introducinghtml5.com/ [list of HTML5 examples]
http://www.html5advent.com/ [click […]