Adding improved anti-XSS rules #23

merged 1 commit into from Mar 15, 2013


None yet

2 participants


These rules were tested and are divided into two groups: volatile and non-volatile ones. The volatile ones generate more false positives, while non-volatile ones are very robust.


Do you have example payloads used in testing these rules? Would like to see the difference between the volatile/non-volatile tests.

@rcbarnett rcbarnett merged commit 19e0307 into SpiderLabs:master Mar 15, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment