The Technology Magazine.

Become a Bug bounty tutorial: Unit 3: HTML Encoding

HTML Encoding

Summary: When penetration testing a web application, your main interest in HTML
encoding is likely to be when probing for cross-site scripting vulnerabilities.

If an application returns user input unmodified within its responses, then it is
probably vulnerable, whereas if dangerous characters are HTML-encoded,
then it is probably safe.

HTML encoding is a scheme used to represent problematic characters so that
they can be safely incorporated into an HTML document. Various characters
have special meaning as meta-characters within HTML and are used to define
the structure of a document rather than its content. To use these characters
safely as part of the document’s content, it is necessary to HTML-encode them.
HTML encoding defines numerous HTML entities to represent specific
literal characters, for example:

&quot;  "
&apos;  '
&amp;   &
&lt;    <
&gt;    >
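
An added example (not from the original tutorial): a Python check that classifies how a response body reflects the five characters above, as raw, HTML-encoded, or stripped. The marker strings, function names and sample response bodies are constructed for illustration.

```python
import html
import re

# Constructed probe: the five metacharacters from the entity list, wrapped in
# unique markers so the reflection can be located in a response body.
START, END, META = "zq7", "7qz", "<>\"'&"
PROBE = START + META + END

# Named, decimal and hexadecimal entity forms, e.g. &lt; &#60; &#x3c;
ENTITY = re.compile(r"&(?:[A-Za-z]+|#[0-9]+|#[xX][0-9A-Fa-f]+);")

def classify_reflection(body):
    """Return {char: 'raw' | 'encoded' | 'stripped'}, or None if not reflected."""
    found = re.search(re.escape(START) + r"(.*?)" + re.escape(END), body, re.S)
    if found is None:
        return None
    segment = found.group(1)
    status = {c: "stripped" for c in META}
    pos = 0
    while pos < len(segment):
        ent = ENTITY.match(segment, pos)
        decoded = html.unescape(ent.group()) if ent else None
        if decoded in status:
            status[decoded] = "encoded"
            pos = ent.end()
        else:
            if segment[pos] in status:
                status[segment[pos]] = "raw"   # metacharacter returned unmodified
            pos += 1
    return status

def unencoded_chars(body):
    """Metacharacters the response returned unmodified (empty list = encoded)."""
    status = classify_reflection(body) or {}
    return [c for c, s in status.items() if s == "raw"]

# Constructed response bodies standing in for three server behaviours.
RAW = f"<p>Results for {PROBE}</p>"
ENCODED = f"<p>Results for {html.escape(PROBE)}</p>"
PARTIAL = f"<p>Results for {html.escape(PROBE, quote=False)}</p>"

if __name__ == "__main__":
    for name, body in [("raw", RAW), ("encoded", ENCODED), ("partial", PARTIAL)]:
        print(name, unencoded_chars(body))
```

The `PARTIAL` body models an encoder that converts `<`, `>` and `&` but returns both quote characters unmodified, which the check reports separately from the fully encoded case.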
