Content Spoofing

Content Spoofing an attack in which an attacker replaces the contents of the page, which displayed to the user, without using XSS attack.

Example #1

  1. Website is a popular blog
  2. Only half of each article are displayed to unauthorized users and the 'Read more' button
  3. Clicking on the button redirects user to the authorization form with the message that a content is available only to authorized visitors
  4. The message text is passed through the GET parameter

Sorry, but this is part of
Web-security course

Web-security course

  • Actual web attacks with examples
  • A wrong ways of preventing attacks
  • Security methods guaranties elimination of attacks
  • Quizzes for the material fixation

  How to prevent Content Spoofing →