The below line of code is flag as being vulnerable for cross site scripting (xss)
|1|| <meta property="og:url" content="https://www.mysite.com/events/" >|
How do I manually test the page with a real code test ?
Already try it in the url addres bar:
and this test is sending the user to my non-found page which is a good thing
If I change the line of code in question to the below solution should solve the problem?
|1|| <meta property="og:url" content="<?php $url="http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; echo htmlspecialchars($url); ?>" />|
Thank you for your help in advance