首页>
外国专利>
PREVENTION OF CROSS SITE SCRIPTING ATTACKS USING AUTOMATIC GENERATION OF CONTENT SECURITY POLICY HEADERS AND SPLITTING OF CONTENT TO ENABLE CONTENT SECURITY POLICY
PREVENTION OF CROSS SITE SCRIPTING ATTACKS USING AUTOMATIC GENERATION OF CONTENT SECURITY POLICY HEADERS AND SPLITTING OF CONTENT TO ENABLE CONTENT SECURITY POLICY
The present disclosure provides a method and system for transforming web application output that is vulnerable to XSS attacks to CSP-compliant web application output. This transformation is accomplished by parsing the output code to identify headers and script and splitting the headers and script to form CSP-compliant web application output.
展开▼