All Products ▼

Domains
REGISTER OR TRANSFER
- Domain Name Registration
  Register a .COM, .NET or other domain name here.
- Bulk Domain Registration
  Save when you register 6 or more domains.
- Transfer Domain
  Transfer your domain & get 1 year FREE.
- Bulk Domain Transfers
  Transfer up to 500 domains at once.
- Discount Domain Club
  Register domains at a discount – join today!
ADVANCED DOMAINS
- Domain Backordering
  Be first in line when a domain becomes available.
- Domain Buy Service
  Want someone else's domain? We can help.
- Internationalized Domains (IDN)
  Register a domain in a language-specific alphabet.
REGISTRATION OPTIONS
- Private Registration
  Shield your personal information from public view.
- Deluxe Registration
  Promote your site & keep your privacy.
- Business Registration
  Publish an online business card on your domain.
- Protected Registration
  Keep your domain private, locked & protected!
MANAGEMENT
- Domain Management
  Organize, renew & upgrade your domains.
Hosting & Servers
Hosting
- Web Hosting ON SALE!
  Keeps your site running fast & secure on the Web.
- WordPress Blog Hosting ON SALE!
  Keep your WordPress blog running at top speed.
ADVANCED HOSTING
- VPS
  Advanced performance, reliability and control.
- Dedicated Servers
  Advanced site performance with your own server.
- Managed Hosting
  Let us set up & maintain your Dedicated Server.
- Reseller Hosting NEW!
  Sell plans & host sites from your own server.
- Dedicated IP
  Get a unique Web address for each hosting account.
MANAGEMENT
- Hosting Management
  Access all your hosting settings & features.
Storage
STORAGE
- Online Storage
  Store, back up & share your files online.
MANAGEMENT
- Online Storage Management
  Log in to open your online files.
Web Design
WEB DESIGN
- Website Builder ON SALE!
  Design an eye-catching website – just drag & drop.
- Web Design Services
  Let us design the website of your dreams.
- Quick Shopping Cart® ON SALE!
  Build your own store to sell products online.
- eCommerce Web Design
  Let us build an online store to sell your products.
- Logo Design Services
  Get a custom-designed logo for your business.
WEBSITE & SEO TOOLS
- Search Engine Visibility
  Get your business on Google, Yahoo! & Bing.
- Small Business Center
  Tips & Advice to get online and reach your goals.
MANAGEMENT
- Website Builder Management
  Make updates or additions to your website.
Improve your Business
GENERATE INCOME
- Affiliate Programs
  Place Go Daddy ads on your website to earn cash.
- Turnkey Reseller Plans
  Sell Go Daddy products from a pre-built Web store.
- API Reseller
  Sell Go Daddy products from your existing website.
- CashParking®
  Earn money with the domains you're not using.
ECOMMERCE
- Quick Shopping Cart® ON SALE!
  Build your own store to sell products online.
- eCommerce Web Design
  Let us build an online store to sell your products.
- Merchant Accounts
  Accept credit cards on your website.
BUSINESS TOOLS
- Small Business Center
  Tips & Advice to get online and reach your goals.
- Website Builder ON SALE!
  Design an eye-catching website – just drag & drop.
- Web Design Services
  Let us design the website of your dreams.
- Online Bookkeeping NEW!
  Your small business finances all in one place.
- Search Engine Visibility
  Get your business on Google, Yahoo! & Bing.
- Hosted Exchange
  Low-cost business email – plus FREE Outlook!
- Email Marketing
  Promote your business with email & social media.
MANAGEMENT
- Reseller Account Management
  Optimize your site with sales tools & features.
Email
EMAIL
- Business Class Email
  Reliable, secure email with your own domain.
- Hosted Exchange
  Corporate class email, including FREE Outlook!
- Email Marketing
  Promote your business with email & social media.
- Online Calendar
  Keep yourself or your office on schedule.
- Online Storage
  Store, back up & share your files online.
- Fax thru Email
  Send & receive faxes by email – it's eco-friendly!
MANAGEMENT
- Email Management
  Add or delete accounts & set up email forwarding.
- Check My Webmail
  Send, receive & organize your email.
SSL & Security
SECURE MY SITE
- SSL Certificates ON SALE!
  Keep credit card transactions safe from hackers.
- Code Signing Certificate
  Prove your code is legitimate.
- Website Protection Site Scanner
  Find & fix security holes & malware on your site.
- Premium DNS
  Powerful, easy-to-use DNS management tools.
- Certified Domain
  Place this seal on your website to prove it's for real.
MANAGEMENT
- SSL Certificate Management
  Request, install & update your SSL Certificates.
Auctions
BUY AND SELL DOMAINS
- Browse Inventory
  Browse our entire catalog of domain auctions.
- List Your Domain
  Sell your domains on Go Daddy Auctions®.
- Become a Member
  Buy, bid & sell existing domain names.
- Premium Listings
  List your high-value domain where top buyers shop.
- Domain Name Appraisals
  Find out what your domain is worth.
MANAGEMENT
- Auctions Management
  Monitor your selling & bidding lists.
Small Business Center
My Account

Site Search
Domain Search
WHOIS Domain Check

24/7 Support: (480) 505-8877

Hablamos Español

9 AM to 9 PM IST
7 days a week

Commercials | Deals | Bob's Blog

Search help articles, forums, and discussion groups

> Help > Website Protection > Common Threats > Cross-Site Scripting

Cross-Site Scripting

Date Submitted: 6-1-2011

Cross-site scripting (XSS) vulnerabilities let visitor-provided input, such as text in a search or form, influence how a website functions or displays for another visitor.

Attackers use XSS to exploit the trust between visitors and websites by entering text, usually browser-executable scripts such as JavaScript®, Adobe® Flash, or HTML, to perform a variety of malicious acts. Typical attacks access other visitors' session data or cookies, bypass log-in requirements, or redirect visitors to another malicious site.

For example: A blog site lets visitors comment on posts. The site doesn't check the content to make sure it's valid, and displays comments without sanitizing them.

Attackers can add comments with malicious links containing scripts that let them take over another user's session on the site.

You can prevent XSS flaws on your website by keeping visitor-provided information separate from the rest of your content. A "whitelist" can help validate acceptable input, but it might not be effective if your forms allow special characters.

You can check your website for XSS and other common vulnerabilities with a daily vulnerability scanner, such as Website Protection Site Scanner.

To learn more about XSS, see Cross-site Scripting (XSS) at the Open Web Application Security Project's site.

Rate This Article:

5 People Found this Helpful

Related Topics:

Related Articles:

Insecure Cryptographic Storage
Security Misconfiguration
Unvalidated Redirects and Forwards
Authentication and Session Management Flaws
Cross-Site Request Forgery
Insecure Direct Object References
Insufficient Transport Layer Protection

Have a question about the content of this article?

Go Daddy Global

Language:

Country:

Currency:

Account Manager

My Account
My Renewals
Order History
Create Account

Shopping

Domain Search
Web Hosting
Product Catalog
Go Daddy Gear
Deals of the Day

Resources

Webmail
WHOIS search
ICANN Confirmation
Affiliates
Follow & Fan Us
Legal
Small Business Center Site Map

Support

Telephone Support & Sales
Product Support
Discussion Forums
User Groups
Submit Support Ticket
Site Suggestions
Report Abuse

About Go Daddy

About Us
News Releases
Careers
Go Daddy Cares
Marketing Opportunities
Customer Testimonials
Security Center
.ME Scholarship
Round Up for Charity
Bob's Video Blog
Inside Go Daddy

Mobile

Go Daddy, on the GO!
iPhone Application
iPad Application
Android Application
Visit Go Daddy Mobile

Global Sites

Go Daddy (English)
Go Daddy (Español)
Go Daddy Australia
Go Daddy Canada
Go Daddy India
Go Daddy United Kingdom

Follow & Fan Us

Sign Up for Special Offers

Email Address

Use of this Site is subject to express terms of use. By using this site, you signify that you agree to be bound by these Universal Terms of Service.

Legal Privacy Policy

GoDaddy.com is the world's No. 1 ICANN-accredited domain name registrar for .COM, .NET, .ORG, .INFO, .BIZ and .US domain extensions. Source: RegistrarSTATS.com

Copyright © 1999 - 2013 Go Daddy Operating Company, LLC. All Rights Reserved.

E

TESTED 2013 - 05 - 24