Reverse Proxy Based XSS filtering

Authors

  • KS Wagh, Department of Information Technology, University of Pune, Pune

Keywords:

HTTP header filtering, Regular expression, Reverse proxy, XSS, XSS firewall

Abstract

Due to the increasing number of Web sites offering features to contribute rich content, and the frequent failure of Web developers to properly sanitize user input, cross-site scripting prevails as the most significant security threat to Web applications. Using cross-site scripting techniques, a malicious user can hijack Web sessions, craft credible phishing sites and, using browser-based exploits, gain complete access to the victim's machine. Previous work towards protecting against cross-site scripting attacks suffers from various drawbacks, such as practical infeasibility of deployment due to the need for client-side modifications, inability to reliably detect all injected scripts, and complex, error-prone parameterization. In this paper, we introduce a server-side solution for detecting and preventing cross-site scripting attacks using a reverse proxy that intercepts all HTML responses and allows or denies the request based on filtering techniques using regular expressions and blacklisting.

Published

2015-05-30

How to Cite

[1]
K. Wagh, “Reverse Proxy Based XSS filtering”, Int. J. Comp. Sci. Eng., vol. 3, no. 5, pp. 175–180, May 2015.

Section

Review Article