Skip to content

RESTful API requests with XSS attack #30

New issue
New issue
Open
Open
RESTful API requests with XSS attack#30
@VenkatKoppisetty

Description

@VenkatKoppisetty
VenkatKoppisetty
opened on Dec 17, 2015

restful-api plugin need to detect the possible XSS (Cross Site Scripting) attack in API request. If there is any XSS threat, in request body or in parameters, the request should be rejected. RestfulApiController is being the entry point for all API requests, XSS checks can be provided there. This eliminates the consumers of plugin to duplicate the XSS check within each service.

Sample API request with XSS attack:

{
"code": "20025",
"title": "<script> alert('XSS'); </script>"
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions