root/HTML-XSSLint/trunk/README

Revision 705 (checked in by miyagawa, 18 years ago)

warranty

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
Line 
1 NAME
2     HTML::XSSLint - audit XSS vulnerability of web pages
3
4 SYNOPSIS
5       use HTML::XSSLint;
6
7       my $agent   = HTML::XSSLint->new;
8
9       # there may be multiple forms in a single HTML
10       # if there's no from, @result is empty
11       my @result  = $agent->audit($url);
12
13       for my $result (grep { $_->vulnerable } @result) {
14           my $action  = $result->action;
15           my @names   = $result->names;
16           my $example = $result->example;
17       }
18
19 DESCRIPTION
20     HTML::XSSLint is a subclass of LWP::UserAgent to audit Cross Site
21     Scripting (XSS) vulnerability by generating random input against HTML
22     forms in a web page.
23
24     Note that the way this module works is not robust, so you can't say a
25     web page is XSS free because it passes HTML::XSSLint audit.
26
27     This module is a backend for command line utility "xsslint" bundled in
28     the distribution. See the xsslint manpage for details.
29
30 AUTHOR
31     Tatsuhiko Miyagawa <miyagawa@bulknews.net>
32
33     This library is free software; you can redistribute it and/or modify it
34     under the same terms as Perl itself.
35
36     This module comes with NO WARRANTY.
37
38 SEE ALSO
39     the xsslint manpage, the HTML::XSSLint::Result manpage, the LWP manpage,
40     the HTML::Form manpage
41
Note: See TracBrowser for help on using the browser.