Author Topic: Cross site scripting Meta tag issue  (Read 142 times)


  • New Member
  • *
  • Posts: 1
  • Karma: 0
    • View Profile
Hello everyone,

The below line of code is flag as being vulnerable for cross site scripting (xss)

 <meta property="og:url" content="" >

How do I manually test the page with a real code test ?
Already try it in the url addres bar:


and this test is sending the user to my non-found page which is a good thing

Second question:
If I change the line of code in question to the below solution should solve the problem?

 <meta property="og:url" content="<?php $url="http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; echo htmlspecialchars($url); ?>" />

Thank you for your help in advance :)

PHP Help Forum

Cross site scripting Meta tag issue
« on: March 15, 2017, 03:59:27 pm »