Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
The Go Workshop

You're reading from   The Go Workshop Learn to write clean, efficient code and build high-performance applications with Go

Arrow left icon
Product type Paperback
Published in Dec 2019
Publisher Packt
ISBN-13 9781838647940
Length 824 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Authors (6):
Arrow left icon
Sam Hennessy Sam Hennessy
Author Profile Icon Sam Hennessy
Sam Hennessy
Andrew Hayes Andrew Hayes
Author Profile Icon Andrew Hayes
Andrew Hayes
Gobin Sougrakpam Gobin Sougrakpam
Author Profile Icon Gobin Sougrakpam
Gobin Sougrakpam
Jeremy Leasor Jeremy Leasor
Author Profile Icon Jeremy Leasor
Jeremy Leasor
Delio D'Anna Delio D'Anna
Author Profile Icon Delio D'Anna
Delio D'Anna
Dániel Szabó Dániel Szabó
Author Profile Icon Dániel Szabó
Dániel Szabó
+2 more Show less
Arrow right icon
View More author details
Toc

Table of Contents (21) Chapters Close

Preface 1. Variables and Operators FREE CHAPTER 2. Logic and Loops 3. Core Types 4. Complex Types 5. Functions 6. Errors 7. Interfaces 8. Packages 9. Basic Debugging 10. About Time 11. Encoding and Decoding (JSON) 12. Files and Systems 13. SQL and Databases 14. Using the Go HTTP Client 15. HTTP Servers 16. Concurrent Work 17. Using Go Tools 18. Security 19. Special Features Appendix

Cross-Site Scripting

Cross-Site Scripting, or XSS, is another major attack type that is frequently listed in the OWASP (Open Web Application Security Project) of top ten application vulnerabilities. Similar to SQL injection, this vulnerability is also caused by non-sanitized user input, but in this case, rather than modifying the behavior of a database, it injects scripts into a web page.

Web pages are constructed using html tags. Every html page contains some content bracketed by the html tag, like this:

<html>
  Hello World!
</html>

One such html tag is the <script> tag, which is used to embed executable content – usually, JavaScript code. This tag is used to run client-side code execution on the browser, for example, to generate dynamic content or manipulate data and images.

The code inside the <script> tag is not visible on the web page and, as such, it generally goes unnoticed. This feature of the <script> tag can be manipulated...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime