User Story:
As a security engineer, I want to ensure the application defends against cross-site scripting attacks by ensuring any injected HTML metacharacters are escaped properly when they are reflected back from the app, to protect users of the app from JavaScript vulnerabilities.
Technical tasks required:
Add Jasmine test case(s).
Use JavaScript to add code to check for specific HTML metacharacters in the response body for anything that should be data only.
Use JavaScript to ensure those characters are safely encoded or escaped properly.
Confirm all Jasmine test specs pass.
Difficulty Rating: 2
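One way to implement the check and the encoding described in the technical tasks, as an added example that is not the project's own code. The names `escapeHtml`, `renderGreeting` and `reflectionState`, the probe string and the greeting markup are assumptions made for illustration; the Jasmine spec at the end registers only when run under Jasmine.

```javascript
// Added example: all names and the sample markup below are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five HTML metacharacters in a single pass so that a value is
// rendered as data. One pass avoids re-encoding the '&' of an entity just written.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Stand-in for the app's response: reflects a user-supplied name into HTML.
// The encoder is a parameter so a spec can show the unencoded failure case.
function renderGreeting(name, encode = escapeHtml) {
  return `<p class="greeting">Hello, ${encode(name)}</p>`;
}

// Constructed probe: a harmless marker that contains every metacharacter.
const PROBE = `<x"'&>probe-7f3a`;

// Classify how a probe came back in a response body:
//   'raw'     - the metacharacters were reflected unencoded (spec must fail)
//   'escaped' - only the entity-encoded form is present
//   'absent'  - the probe was not reflected at all
// The probe must contain metacharacters, otherwise raw and escaped are identical.
function reflectionState(body, probe) {
  if (body.includes(probe)) return 'raw';
  if (body.includes(escapeHtml(probe))) return 'escaped';
  return 'absent';
}

// Jasmine spec; skipped when the file is loaded outside a Jasmine runner.
if (typeof describe === 'function') {
  describe('reflected user input', () => {
    it('is HTML-escaped in the response body', () => {
      expect(reflectionState(renderGreeting(PROBE), PROBE)).toBe('escaped');
    });
    it('is flagged when an endpoint reflects it unencoded', () => {
      expect(reflectionState(renderGreeting(PROBE, String), PROBE)).toBe('raw');
    });
  });
}
```

In a real spec, `renderGreeting` would be replaced by the response body fetched from the endpoint under test.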