Showing posts from February, 2012

Testing Cross site scripting

QAs and testers often have to test cross-site scripting (XSS) scenarios. Fixes for XSS defects will ultimately require code-based fixes. Here I will discuss some manual checks that a QA / tester can perform to verify the site's integrity and security against XSS.

Step 1. Open any Web site in a browser, and look for places on the site that accept user input, such as a search form or some kind of login page. Enter the word test in the search box and send this to the Web server.

Step 2. Look for the Web server to respond with a page similar to "Your search for 'test' did not find any items" or "Invalid login test." If the word "test" appears in the results page, you are in luck.

Step 3. To test for Cross-Site Scripting, input the string " " without the quotes in the same search or login box you used before and send this to your Web server.

Step 4. If
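The reflection check from steps 1 and 2, together with the code-based fix mentioned in the introduction, as an added example that is not part of the original post. The two render functions are hypothetical stand-ins for a search handler, and PROBE is a constructed, harmless marker rather than the string the post uses in step 3.

```python
import html

# Constructed, harmless probe: letters plus the HTML metacharacters < > " '
PROBE = "qa<b>\"7'"


def render_results_unsafe(term: str) -> str:
    """'Before' handler (hypothetical): reflects the input verbatim."""
    return f"<p>Your search for '{term}' did not find any items</p>"


def render_results_fixed(term: str) -> str:
    """Code-based fix: HTML-encode the input before writing it to the page."""
    safe = html.escape(term, quote=True)
    return f"<p>Your search for '{safe}' did not find any items</p>"


def classify_reflection(page: str, marker: str) -> str:
    """Report how `marker` shows up in the HTML source of a response."""
    full = html.escape(marker, quote=True)
    if full == marker:
        # No metacharacters (e.g. "test"): only shows that input is echoed.
        return "reflected" if marker in page else "absent"
    if marker in page:
        return "raw"                # metacharacters survived: file a defect
    if full in page:
        return "encoded"            # < > " ' all neutralised
    if html.escape(marker, quote=False) in page:
        return "partially-encoded"  # quotes left intact: risky in attributes
    return "absent"


if __name__ == "__main__":
    for render in (render_results_unsafe, render_results_fixed):
        page = render(PROBE)
        print(render.__name__, "->", classify_reflection(page, PROBE))
```

Run the classifier against the page source (View Source or a saved response), not the rendered text, because the browser decodes entities before display.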