Download the PHP package samiahmedsiddiqui/prevent-xss-vulnerability without Composer

On this page you can find all versions of the php package samiahmedsiddiqui/prevent-xss-vulnerability. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you need a single include, require_once('vendor/autoload.php');, and then you import the classes with use statements.

Example:
If you use only one package, a project is not needed. But if you use more than one package, it is not possible to import the classes with use statements without a project.

In general, it is recommended to always use a project to download your libraries. An application normally needs more than one library.
Some PHP packages are not free to download and are therefore hosted in private repositories. In this case, credentials are needed to access such packages. Please use the auth.json textarea to insert credentials if a package comes from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • Using Composer is sometimes complicated, especially for beginners.
  • Composer needs a lot of resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Information about the package prevent-xss-vulnerability

Prevent XSS Vulnerability

This plugin provides protection against Reflected XSS and Self-XSS in WordPress.

For Reflected XSS, it checks the URL and redirects the request if the Enable Blocking option is enabled and the URL contains any vulnerable code. It only blocks certain parameters that are not allowed in the URL, listed under Block Parameters below. You can exclude some of these parameters from blocking if you still want them to be usable.

To provide more security, this plugin also escapes the HTML in the $_GET parameter, which is commonly used in PHP to read parameters from the URL and print them in the HTML. This way, HTML properties will not work if anyone supplies them in the URL.

There are many ways to test the plugin, but they may vary between sites according to their structure and development functionality.

If you would like help or have any query, please feel free to reach me at [email protected].

Block Parameters

This plugin blocks the following parameters in the URL if enabled from the Plugin Settings.

Symbol Name
( Opening Round Bracket
< Less than Sign
> Greater than Sign
[ Opening Square Bracket
] Closing Square Bracket
{ Opening Curly Bracket
| Pipe or Vertical Bar
} Closing Curly Bracket

Note: You can exclude any of the pre-defined parameter(s) or include any other parameter(s) from the Plugin Settings page.

Encode Parameters

This plugin encodes the following parameters in the URL if enabled from the Plugin Settings.

Symbol Name
! Exclamation Mark
" Double Quotation
' Single Quotation
( Opening Round Bracket
) Closing Round Bracket
* Asterisk Sign
< Less than Sign
> Greater than Sign
` Grave Accent
^ Cap Sign
[ Opening Square Bracket
] Closing Square Bracket
{ Opening Curly Bracket
| Pipe or Vertical Bar
} Closing Curly Bracket

Note: You can exclude any of the pre-defined parameter(s) from being encoded from the Plugin Settings page.

Escape HTML in $_GET Variable

This plugin escapes HTML in the $_GET variable. The $_GET variable is mostly used to put values from the URL into HTML. This check is quite useful if your site takes anything from the URL and prints it in HTML. It secures your search and other sections, depending on your site's functionality.

Note: Make sure to check your forms after activating the plugin, and if you have a WooCommerce site, please also check the cart and checkout process.
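
The three checks described above (blocking, encoding and escaping $_GET), sketched as an added PHP example. This is not the plugin's own code: the function names are hypothetical, the character lists are copied from the two tables above, and the sample request is constructed.

```php
<?php
// Added illustration, not the plugin's source; all function names are hypothetical.
// Character lists are copied from the Block Parameters and Encode Parameters tables.
const BLOCKED_CHARS = ['(', '<', '>', '[', ']', '{', '|', '}'];
const ENCODED_CHARS = ['!', '"', "'", '(', ')', '*', '<', '>', '`', '^',
                       '[', ']', '{', '|', '}'];

// True when the query string contains a blocked character, raw or percent-encoded.
function query_has_blocked_char(string $rawQuery): bool
{
    $decoded = rawurldecode($rawQuery); // so %3C is caught as well as <
    foreach (BLOCKED_CHARS as $ch) {
        if (strpos($decoded, $ch) !== false) {
            return true;
        }
    }
    return false;
}

// Percent-encode only the listed characters; the rest of the query is untouched.
function encode_listed_chars(string $rawQuery): string
{
    $map = [];
    foreach (ENCODED_CHARS as $ch) {
        $map[$ch] = rawurlencode($ch);
    }
    return strtr($rawQuery, $map);
}

// HTML-escape every value of a $_GET-style array, including nested arrays.
function escape_get(array $params): array
{
    $out = [];
    foreach ($params as $key => $value) {
        $out[$key] = is_array($value)
            ? escape_get($value)
            : htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
    return $out;
}

// Constructed sample request: /?s=<script>alert(1)</script>&tag[]=a"b
$query = 's=%3Cscript%3Ealert(1)%3C%2Fscript%3E&tag[]=a%22b';
parse_str($query, $get);                  // what PHP would place in $_GET
$safe = escape_get($get);

var_dump(query_has_blocked_char($query)); // the page says such a URL is redirected when blocking is enabled
echo encode_listed_chars('q=a(b)|c'), PHP_EOL;
echo '<p>Results for: ', $safe['s'], ' / ', $safe['tag'][0], '</p>', PHP_EOL;
```

HTML escaping of this kind protects values printed into HTML text or quoted attributes. Values read from sources other than $_GET, or written into script blocks or URLs, need their own handling.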

Bug reports

Bug reports for Prevent XSS Vulnerability are welcomed on GitHub. Please note GitHub is not a support forum, and issues that aren't properly qualified as bugs will be closed.

Installation

This section describes the steps to follow whether you are installing through WordPress or manually via FTP.

From within WordPress

  1. Visit 'Plugins > Add New'
  2. Search for Prevent XSS Vulnerability
  3. Activate Prevent XSS Vulnerability from your Plugins page.
  4. Go to "After activation" below.

Manually

  1. Upload the prevent-xss-vulnerability folder to the /wp-content/plugins/ directory
  2. Activate Prevent XSS Vulnerability through the 'Plugins' menu in WordPress
  3. Go to "After activation" below.

After activation

  1. Navigate to the Prevent XSS Vulnerability page from the Admin Dashboard
  2. Make the changes as per your site functionality
  3. You're done!

Frequently Asked Questions

Q. Why should I install this plugin?

A. Installing this plugin is the easiest way to protect your site from XSS vulnerabilities.

Q. Does this plugin escape HTML in printing search?

A. Yes, this plugin escapes HTML in the $_GET variable, which is mostly used to print data from the URL into HTML. If your site is using $_GET then it is safe and the HTML will be escaped; otherwise you need to check.

Q. Does this plugin have any conflict with any other plugin?

A. No, this plugin doesn't have any conflict with any plugin until now.


All versions of prevent-xss-vulnerability with dependencies

Requires php Version ^5.6 || ^7.0
composer/installers Version ^1.11.0