The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. W3C Recommendation 16 April 2002 This Version: Latest Version:
Parameter Manipulation. When a user makes selections on an HTML page, the selection is typically stored as form field values and sent to the application as an HTTP request (GET or POST).
HTML can also store field values as Hidden Fields, which are not rendered to the screen by the browser but are collected and submitted as parameters during form submissions. Whether these form fields are pre-selected (drop down, check boxes etc.), free form or hidden, they can all be manipulated by the user to submit whatever values he/she chooses. Drx: Internet Security [Computers: Security: Internet] - loadaverageZero. XSS (Cross Site Scripting) Cheat Sheet. Last revision (mm/dd/yy): 04/7/2014 This cheat sheet is for people who already understand the basics of XSS attacks but want a deep understanding of the nuances regarding filter evasion.
Please note that most of these cross site scripting vectors have been tested in the browsers listed at the bottom of the scripts. XSS Locator.