chapter  7
34 Pages

◾ Injection Attacks

An injection attack is one of the most common attacks in the eld of web secu-rity. We have mentioned in Chapter 3 that XSS in essence is also an HTML injection attack. In Chapter 1, We propose a security design principle-a data and code separation principle, it can be said, is born to address injection attacks.