×

XSS DETECTION METHOD AND DEVICE

  • US 20120198558A1
  • Filed: 07/23/2010
  • Published: 08/02/2012
  • Est. Priority Date: 07/23/2009
  • Status: Active Grant
First Claim
Patent Images

1. A XSS detection method for detecting XSS vulnerabilities in a web page, comprising steps of:

  • determining a set of parameter-value pairs that can be accepted by the web page; and

    for each parameter-value pair in the set;

    constructing a parameter-value pair in which a dedicated script is inserted;

    assembling a URL corresponding to the web page based on the parameter-value pair in which the dedicated script has been inserted;

    acquiring the dynamic web page content corresponding to the assembled URL; and

    simulating the execution of the acquired dynamic web page content, if the dedicated script is executed, it is determined that the processing of the parameter in the web page contains XSS vulnerabilities.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×