What is the correct code when converted to html entities?

XSS attacks occur on Web pages that do not perform appropriate bounds checking on data entered by users. Characters like < > that mark the beginning/end of a tag should be converted into HTML entities.

What is the correct code when converted to html entities?

XSS attacks occur on Web pages that do not perform appropriate bounds checking on data entered by users. Characters like < > that mark the beginning/end of a tag should be converted into HTML entities.

What is the correct code when converted to html entities?

A.
Option A

B.
Option B

C.
Option C

D.
Option D

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

Eddie Guerrero

Eddie Guerrero

Can I get a confirmation on this? I see it as C, not D because of the section “var x -” and “x.src -” in option D. Shouldn’t it be “var x =” and “x.src =” ? “=” is replaced with the “-” minus sign?

Reply

Eddie Guerrero

Eddie Guerrero

Nevermind, I didn’t see the left side of image properly for “C”. The greater than is there not less than to start, still what is the significance of changing equal sign to minus to make “D” correct?

Reply