XSS Vulnerability Discovery and Testing Operation Manual

Source: Internet
Author: User

Page Test with input box
For a non-rich-text input box, enter the special-character string <"sitedir"> and submit.
On the page returned after submission, view the source code and search for the keyword tiehua. Check whether the < " > ' characters before and after tiehua have been escaped to &lt; &quot; &gt; &apos;. If they have not been escaped, the input box is suspected of having an XSS vulnerability (submit a bug).
Rich text input box

If the page shows layout problems or JS errors after submission, the input box has an XSS vulnerability (report a bug).
Test Page Link Parameters
Links with parameters, such as:
http://mall.taobao.com/?ad_id=&am_id=&cm_id=&pm_id=
This link contains four parameters. The test method is the same as for an input box, except that each parameter is treated as the input box for submission. For example:
http://mall.taobao.com/?ad_id=<"sitedir'>&am_id=&cm_id=&pm_id=
Some may say that this alone is not enough to persuade developers to fix the bug. However, this article aims to explain how to locate XSS vulnerabilities rather than how to exploit them.

Black box Tool Testing
Recommended tools: Paros (free of charge)
Acunetix Web Vulnerability Scanner (commercial tool)
White box code scanning Test
The cause of the XSS vulnerability and its fix are as follows:
<span>$!ProductName</span>
Non-rich-text output of this kind must be written as:

<span>$!StringEscapeUtil.escapeHtml($!ProductName)</span>
For rich text, the content can be forced through filtering at the filter layer.
Based on these two rules, the white-box code can be statically scanned to prevent and filter out XSS vulnerabilities.
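The static scan described above could look like the following added example, which is not code from the original article or from any project it mentions. It flags template references that are written to the page without going through escapeHtml(); the sample template, the names sellerNick and itemDescription, and the rich_text_fields parameter (fields assumed to be handled by the filter layer) are constructed for illustration.

```python
import re

# Velocity reference: $name, $!name, ${name}, $!{name}, with a property/method chain.
REF = re.compile(r"\$!?\{?[A-Za-z_]\w*(?:\.\w+)*")
ESCAPE_CALL = re.compile(r"\.escapeHtml\(")
DIRECTIVE = re.compile(r"#(?:set|if|elseif|foreach)\s*\(")

# Constructed template; sellerNick and itemDescription are hypothetical names.
SAMPLE = """<span>$!ProductName</span>
<span>$!StringEscapeUtil.escapeHtml($!ProductName)</span>
#if($!sellerNick)
<a title="${sellerNick}">$!StringEscapeUtil.escapeHtml($!sellerNick)</a>
#end
<div>$!itemDescription</div>
"""


def _paren_span(text, open_idx):
    """Return (open_idx, index of the matching ')') for the '(' at open_idx."""
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == "(":
            depth += 1
        elif text[i] == ")":
            depth -= 1
            if depth == 0:
                return open_idx, i
    return open_idx, len(text)  # unbalanced: treat the rest as covered


def find_unescaped(template, rich_text_fields=()):
    """Return [(line_no, name)] for references written to the page unescaped."""
    calls = list(ESCAPE_CALL.finditer(template)) + list(DIRECTIVE.finditer(template))
    covered = [_paren_span(template, m.end() - 1) for m in calls]
    findings = []
    for m in REF.finditer(template):
        ref = m.group(0)
        name = ref.lstrip("$!{")
        if any(a < m.start() < b for a, b in covered):
            continue  # argument of escapeHtml(...) or inside a directive, not raw output
        if ref.endswith(".escapeHtml") and template.startswith("(", m.end()):
            continue  # this reference is the escaping call itself
        if name.split(".")[0] in rich_text_fields:
            continue  # rich text: assumed to be filtered by the filter layer
        findings.append((template.count("\n", 0, m.start()) + 1, name))
    return findings


if __name__ == "__main__":
    for line_no, name in find_unescaped(SAMPLE, rich_text_fields={"itemDescription"}):
        print(f"line {line_no}: ${name} is output without escapeHtml()")
```
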
