Reflected XSS attack | How to prevent XSS attack in Node.js

Introduction

In this blog post, I will explain the reflected XSS attack. Reflected cross-site scripting (XSS) occurs whenever an application takes untrusted data and sends it to a web browser without proper validation or escaping. It allows attackers to execute scripts in the victim's browser, which can access any cookies, session tokens, or other sensitive information held by the browser, or redirect the user to malicious sites.

Let's understand reflected XSS through an example.

Suppose a website has a search functionality which takes the user-input search term in a URL parameter as follows:

https://insecure-website.com/search?item=jeans

When someone searches for an item on the website, the website returns the following response:

<p>You searched for: jeans</p>

Assuming that this insecure website doesn't do any validation on the user-supplied input, an attacker can construct an attack like this:

https://insecure-website.com/search?item=<script>alert("hacked")</script>

This URL returns the following response:

<p>You searched for: <script>alert("hacked")</script></p>

This opens an alert in the victim's browser.

XSS attack example in Node.js

const express = require('express')
const app = express()
const port = 3000

app.get('/', (req, res) => {
  res.send('Hello World!')
})

// This is vulnerable to XSS attack: the query parameter is
// concatenated into the HTML response without any encoding
app.get("/search", (req, res) => {
  const item = req.query['item']
  res.send("<p>You searched for:" + item + "</p>")
})

app.listen(port, () => {
  console.log(`Express app listening at http://localhost:${port}`)
})

When a person accesses the search API with the following URL, it results in an XSS attack:

http://localhost:3000/search?item=<script>alert("hacked")</script>

Impact of reflected XSS attacks

With a reflected XSS attack, an attacker controls a script that is executed in the victim's browser. An attacker can:

  • View any sensitive information, such as passwords, retained by the browser.
  • Modify the information stored in the browser's cache.
  • Steal cookies stored in the browser.
  • Perform a CSRF attack.

Prevent Reflected XSS

  1. Input validation and sanitisation: Input validation and data sanitisation are the primary defense against untrusted data.
  2. Output encoding: The server must encode response data before sending it to the client. The server must use the encoding that matches the output context: HTML encoding, JavaScript encoding, CSS encoding, URI encoding, etc.
  3. HTTPOnly cookie flag: To mitigate the impact of a reflected XSS flaw on your site, set the HttpOnly flag on the session cookie.
  4. Implement Content Security Policy (CSP): CSP is a browser-side mechanism that whitelists the sources of client-side resources used by the web application, e.g. JavaScript, CSS, images, etc. Through a special HTTP header, CSP instructs the browser to execute or render resources only from those sources.
Content-Security-Policy: default-src 'self' *.mydomain.com
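
A check for mitigations 3 and 4, as an added example that is not part of the original post: it audits a response's headers for cookies set without HttpOnly and for a missing or inline-script-permitting CSP. The function names `parseCsp` and `auditHeaders`, the cookie name `sid` and both sample header sets are constructed for illustration.

```javascript
// Added example: audit response headers for mitigations 3 and 4 above.
// parseCsp, auditHeaders and both sample header sets are constructed here.

// Split a CSP header value into { directive: [sources...] }.
function parseCsp(value) {
  const policy = {};
  for (const part of value.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    if (name) policy[name.toLowerCase()] = sources;
  }
  return policy;
}

// Return a list of findings; an empty list means nothing was flagged.
function auditHeaders(headers) {
  const findings = [];
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;

  // Mitigation 3: flag any cookie that is set without the HttpOnly attribute.
  for (const cookie of [].concat(h['set-cookie'] || [])) {
    const attrs = cookie.split(';').slice(1).map((a) => a.trim().toLowerCase());
    if (!attrs.includes('httponly')) {
      findings.push('cookie without HttpOnly: ' + cookie.split('=')[0]);
    }
  }

  // Mitigation 4: a CSP must exist and must not allow inline scripts.
  const csp = h['content-security-policy'];
  if (!csp) {
    findings.push('no Content-Security-Policy header');
  } else {
    const policy = parseCsp(csp);
    // script-src falls back to default-src when it is not given.
    const scriptSrc = policy['script-src'] || policy['default-src'];
    if (!scriptSrc) findings.push('CSP has no script-src or default-src');
    else if (scriptSrc.includes("'unsafe-inline'")) {
      findings.push("CSP allows 'unsafe-inline' scripts");
    }
  }
  return findings;
}

// Constructed sample responses: one weak, one with both mitigations.
const weak = { 'Set-Cookie': ['sid=abc123; Path=/'] };
const hardened = {
  'Set-Cookie': ['sid=abc123; Path=/; HttpOnly; Secure'],
  'Content-Security-Policy': "default-src 'self' *.mydomain.com",
};
console.log(auditHeaders(weak), auditHeaders(hardened));
```
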

Prevent XSS attack in Node.js

The following code snippet uses the escape() method to prevent the XSS attack.

const express = require('express')
const app = express()
const port = 3000

app.get('/', (req, res) => {
  res.send('Hello World!')
})

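// Here the returned response is sanitized with the escape() method before it is sent to the client.
// escape() is the legacy global function; it percent-encodes characters such as < and >
app.get("/search", (req, res) => {
  const item = req.query['item']
  res.send("<p>You searched for:" + escape(item) + "</p>")
})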

app.listen(port, () => {
  console.log(`Express app listening at http://localhost:${port}`)
})
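
The rendering step of the two handlers side by side, as an added example that is not code from the original post: it is pulled out of Express into plain functions so it runs without dependencies, and adds an HTML-entity encoder for comparison with the global escape(). The names `escapeHtml`, `normalizeItem`, `renderUnsafe`, `renderSafe` and `renderLegacy`, the 100-character limit and the sample inputs are assumptions made for illustration.

```javascript
// Added example: HTML-context output encoding for the /search response.
// All function names below are illustrative, not from the original post.

const HTML_ENTITIES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Replace the five characters that can change HTML structure with entities.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Express parses ?item=a&item=b into an array and ?item[x]=1 into an object,
// so accept a single string only and cap its length (100 is an assumed limit).
function normalizeItem(raw) {
  if (typeof raw !== 'string') return '';
  return raw.slice(0, 100);
}

// Vulnerable: plain string concatenation, as in the first handler in the post.
function renderUnsafe(item) {
  return '<p>You searched for: ' + item + '</p>';
}

// Hardened: validate the type, then entity-encode for the HTML body context.
function renderSafe(raw) {
  return '<p>You searched for: ' + escapeHtml(normalizeItem(raw)) + '</p>';
}

// The post's fix: the legacy global escape() percent-encodes the value.
function renderLegacy(item) {
  return '<p>You searched for: ' + escape(item) + '</p>';
}

const payload = '<script>alert("hacked")</script>'; // constructed sample input
console.log(renderUnsafe(payload));
console.log(renderSafe(payload));
console.log(renderLegacy('blue jeans & shirts'));
```

Both renderSafe and renderLegacy keep the markup from reaching the browser as a tag, but only entity encoding displays the search term as the user typed it.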

Conclusion

Here, we have seen how to prevent reflected XSS in Node.js. escape() is just one technique; we have to apply different mitigation techniques to fully prevent XSS attacks, for example encodeURI(), encodeURIComponent(), etc.
