For the PHP developers who are interested in learning more about Cross-Site Scripting (XSS) or Cross-Site Request Forgeries (CSRF), I'm happy to announce that Foiling Cross-Site Attacks is now available for free from my Web site.

This article, originally published in the Oct 2003 issue of php|architect, describes both attacks as well as several best practices that can help you protect your applications. Thanks to php|architect for allowing me to make this information freely available.

Chris Shiflett Boulder-based founder, designer, and developer. Co-founder of Studioworks and Schoolcase, and founder of Faculty, a product studio. Writing about building things on the web since 2000. More about Chris →