From the course: JavaScript: Security Essentials
Join today to access over 25,500 courses taught by industry experts.
Example of SSJI code - JavaScript Tutorial
From the course: JavaScript: Security Essentials
Example of SSJI code
- [Instructor] So let's take a look at a few examples of server site injections. So for starters, what you need to do is first go into the exercise files, grab chapter five and zero five zero two, begin, and then drop this file into VS code or your favorite editor. So these are examples of code that could be used to inject code into your server. For example, the use of eval to parse user input. So if you have a form that has a body with a pre-tax value like this one, and then eval actually is used to evaluate this value, this could be used in inject server code. In the form we could pass something like wild one, and then as this form is executed, then the server would be rendered useless. Never use eval, set interval, or set time out, end function in any of your forms or any of your code because these can be used to be passed values to it. And then when we use the form, we could pass anything we want that could render the server useless. Now around SQL injections, if you don't have a…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.