Cross Site Scripting (XSS)
Origin Definition and Components
Policy Enforcement Mechanisms
Browser Implementation Differences
SOP Limitations and Exceptions
XSS as SOP Bypass Technique
Sandboxing Mechanisms
Content Isolation
Script Execution Context
DOM Security Boundaries
Content-Type Header
X-Content-Type-Options
X-Frame-Options
Referrer-Policy
Cache-Control Security Implications