Hello, and welcome back. In this next series of lessons, we're going to talk about cross-site scripting. The way we're going to chat about it is, first, we're going to recap the idea behind injection attacks. Then I'm going to briefly introduce what cross-site scripting is, and we're going to have a look at the concept tree for cross-site scripting. Then from there, we're going to talk about some browser fundamentals. After this lesson, you'll be able to identify what cross-site scripting is. Now, let's get started.

Remember that we said that in general an injection attack allows an attacker to input untrusted data into some command which the interpreter of the program interprets completely as a command. Here, I have an example of modifying the Document Object Model of a document, and including a user-defined parameter. If you're not really familiar with the DOM, we're going to talk about that a little bit later.

As you can see, a malicious attacker could give an unsuspecting client this URL to click on. As you can see, there's some JavaScript in this URL. Because this particular web application is vulnerable to cross-site scripting, what happens is that this parameter here, this JavaScript, is actually placed within the Document Object Model of what this vulnerable client is looking at. What the actual code looks like is, it takes the contents of parameter p and adds it within the document that the client then renders. The result is that this JavaScript is injected within the document that the browser is looking at. Because of that, during the rendering process, the browser interpreter will interpret this JavaScript, and actually run this script. You will see an alert box pop up.

In general, there is a mismatch between how the developer sees a string coming into the interpreter and how the interpreter sees this string. This string being fed into the interpreter is considered by the interpreter as 100 percent a command.
However, it is treated programmatically by the developer as part data and part command. On top of that, the string is modifiable by an untrusted party.

To give you a brief description of what cross-site scripting is: it is the ability to inject JavaScript into a web application such that the client or the browser that's viewing the document then runs the malicious JavaScript. This can lead to account impersonation or session stealing.

Here we have the concept tree that basically outlines the fundamental concepts behind cross-site scripting, and here I've added an asterisk for the idea of domain names. There are a lot of really good examples or documents on the web about the topic of domain names. In fact, you can look this up on Wikipedia and they have a really good description of what domain names are. We're going to talk first about HTTP, and work our way up this tree. Then we'll talk about the DOM, and work our way up this part of the tree on the left-hand side. Then we'll be prepared to talk about cross-site scripting.
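
The mismatch described in the lesson (a parameter `p` copied into the document, seen as data by the developer and as markup by the interpreter), as an added example that is not code from the lecture. The page template, the `app.example` URL and the function names are constructed for illustration, and the page is modelled as a plain string so it runs outside a browser.

```javascript
// Added example: models, as strings, a page that copies URL parameter "p"
// into the document. URL, template and function names are constructed.

// Vulnerable: the parameter is concatenated straight into markup, so the
// HTML parser, not the developer, decides what is data and what is script.
function renderVulnerable(pageUrl) {
  const p = new URL(pageUrl).searchParams.get("p") ?? "";
  return "<html><body>Hello, " + p + "</body></html>";
}

// HTML-encode the characters that can change the parser's context.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return text.replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hardened: the same parameter is encoded for the HTML body context,
// so the parser can only ever see it as text.
function renderEscaped(pageUrl) {
  const p = new URL(pageUrl).searchParams.get("p") ?? "";
  return "<html><body>Hello, " + escapeHtml(p) + "</body></html>";
}

// Constructed sample link of the kind the lesson describes.
const sampleUrl =
  "https://app.example/welcome?p=" + encodeURIComponent("<script>alert(1)</script>");

console.log("vulnerable:", renderVulnerable(sampleUrl));
console.log("escaped:   ", renderEscaped(sampleUrl));
```

In browser DOM code the equivalent fix is to assign the parameter to `textContent` rather than `innerHTML` or `document.write`.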