BUG:Requirement of Proper Input Handling in Login/Register form #15

Closed
pand-coder opened this issue Oct 1, 2024 · 1 comment
Labels
bug Something isn't working gssoc-ext Level 2

Comments

@pand-coder
Contributor

Hello Project Admin,
Allowing special characters in password fields is essential for creating strong passwords. However, without proper input handling, special characters can introduce vulnerabilities such as XSS attacks. Malicious actors can exploit these vulnerabilities by injecting harmful scripts, leading to security breaches and data theft.

I would like to incorporate proper JavaScript input handling to prevent this type of client-side injection or cross-site scripting attacks.


@Anjaliavv51 Anjaliavv51 added the enhancement New feature or request label Oct 1, 2024
@pand-coder pand-coder changed the title Requirement of Proper Input Handling in Login/Register form BUG:Requirement of Proper Input Handling in Login/Register form Oct 1, 2024
@Anjaliavv51 Anjaliavv51 added bug Something isn't working Level 2 gssoc-ext Hacktoberfest Accepted and removed enhancement New feature or request labels Oct 1, 2024
@AyutheCoder

I would like to work on it; please assign this task to me.

Anjaliavv51 added a commit that referenced this issue Oct 1, 2024
<!-- ISSUE & PR TITLE SHOULD BE SAME-->
## Description
<!--Please include a brief description of the changes-->
Added a small warning using HTML and CSS whenever the user enters a password
and the cursor points on the password input box.
Validated the backend form validation; used a special-character regex
expression to prevent symbols that lead to client-side injection attacks
such as XSS and other attacks.

## Related Issues

<!--Cite any related issue(s) this pull request addresses. If none,
simply state “None”-->
None

## Type of PR
<!-- Mention PR Type according to the issue in brackets below and check
the below box -->
- [X] (Security patch update feature with proper exception and error
form validation)

## Screenshots / videos (if applicable)
<!--Attach any relevant screenshots or videos demonstrating the
changes-->
![Screenshot 2024-10-01 231413](https://github.com/user-attachments/assets/9b9d0d0a-f918-4468-8a34-51d93b768e22)
**Wrote this exception handling to ensure proper validation**

![image](https://github.com/user-attachments/assets/b22092dd-40a9-4bc1-8463-35075f57d0e7)




## Checklist
<!-- [X] - put a cross/X inside [] to check the box -->
- [X] I have gone through the [contributing
guide](https://github.com/Anjaliavv51/Retro)
- [X] I have updated my branch and synced it with project `main` branch
before making this PR
- [X] I have performed a self-review of my code
- [X] I have tested the changes thoroughly before submitting this pull
request.
- [X] I have provided relevant issue numbers, screenshots, and videos
after making the changes.
- [X] I have commented my code, particularly in hard-to-understand
areas.


## Additional context:
At first, tried using the alert method, but it was conflicting with the Google
app authenticator, then switched to this method of warning-based change
with a change in the signup form validation code.
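
One way to handle the input concern raised in this issue, as an added example that is not the Retro project's code: the password keeps its special characters and is only length-checked, while fields that get displayed are validated and HTML-encoded on output. The function names, field limits and sample values are assumptions made for illustration.

```javascript
// Added example, not the project's code. Names and limits are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value for an HTML element body or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Validate a registration form. The password is checked for length only, so
// special characters stay allowed; it is hashed server-side and never rendered.
function validateRegistration({ username, email, password }) {
  const errors = [];
  if (typeof username !== 'string' || !/^[A-Za-z0-9_.-]{3,32}$/.test(username)) {
    errors.push('username');
  }
  if (typeof email !== 'string' || email.length > 254 ||
      !/^[^\s@<>"']+@[^\s@<>"']+\.[^\s@<>"']+$/.test(email)) {
    errors.push('email');
  }
  if (typeof password !== 'string' || password.length < 8 || password.length > 128) {
    errors.push('password');
  }
  return { ok: errors.length === 0, errors };
}

// Build a fragment that echoes user input; the value is encoded at output time.
function renderWelcome(username) {
  return `<p class="welcome">Welcome, ${escapeHtml(username)}!</p>`;
}

// Constructed sample inputs.
const accepted = validateRegistration({
  username: 'retro_user',
  email: 'user@example.com',
  password: 'P@ss<w0rd>&"1', // special characters are accepted
});
const rejected = validateRegistration({
  username: '<script>',
  email: 'x',
  password: 'short',
});
console.log(accepted, rejected);
console.log(renderWelcome('<script>alert(1)</script>'));
```

In browser code, assigning the value with `element.textContent` instead of building an HTML string gives the same protection without a hand-written encoder.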