{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,13]],"date-time":"2026-03-13T04:55:59Z","timestamp":1773377759761,"version":"3.50.1"},"reference-count":30,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009,5]]},"DOI":"10.1109\/iwsess.2009.5068456","type":"proceedings-article","created":{"date-parts":[[2009,6,10]],"date-time":"2009-06-10T14:55:45Z","timestamp":1244645745000},"page":"33-39","source":"Crossref","is-referenced-by-count":71,"title":["SWAP: Mitigating XSS attacks using a reverse proxy"],"prefix":"10.1109","author":[{"given":"Peter","family":"Wurzinger","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christian","family":"Platzer","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christian","family":"Ludl","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Engin","family":"Kirda","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christopher","family":"Kruegel","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"19","year":"2007","journal-title":"OWASP Top Ten"},{"key":"17","year":"0"},{"key":"18","year":"0"},{"key":"15","year":"0"},{"key":"16","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-540-87403-4_11","article-title":"expanding human interactions for in-depth testing of web applications","author":"mcallister","year":"2008","journal-title":"11th Symposium on Recent Advances in Intrusion Detection (RAID)"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1145\/1141277.1141357"},{"key":"14","doi-asserted-by":"publisher","DOI":"10.1109\/WSE.2004.10013"},{"key":"11","article-title":"pixy: a static analysis tool for detectingweb application vulnerabilities (short paper)","author":"jovanovic","year":"2006","journal-title":"IEEE Symposium on Security and Privacy"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.1145\/1135777.1135817"},{"key":"21","year":"2008","journal-title":"PortSwigger Burp Suite"},{"key":"20","year":"0"},{"key":"22","author":"rsnake","year":"2008","journal-title":"Cheat Sheet"},{"key":"23","doi-asserted-by":"publisher","DOI":"10.1145\/511446.511498"},{"key":"24","year":"2008","journal-title":"SecurityFocus lex Guestbook Multiple Cross-Site Scripting Vulnerabilities"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.1145\/1111037.1111070"},{"key":"26","year":"0"},{"key":"27","article-title":"cross site scripting prevention with dynamic data tainting and static analysis","author":"vogt","year":"2007","journal-title":"14th Annual Network and Distributed System Security Symposium (NDSS)"},{"key":"28","year":"0","journal-title":"Web Application Attack and Audit Framework"},{"key":"29","year":"0"},{"key":"3","year":"0"},{"key":"2","year":"0","journal-title":"Phishmarkt De"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1109\/ICECCS.2005.35"},{"key":"1","year":"2006","journal-title":"Phishmarkt De"},{"key":"30","article-title":"static detection of security vulnerabilities in scripting languages","author":"xie","year":"2006","journal-title":"15th USENIX Security Symposium"},{"key":"7","year":"2000","journal-title":"Advisory CA-2000-02 Malicious HTML Tags Embedded in Client Web Requests"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.22"},{"key":"5","article-title":"google xss","author":"rios","year":"2008"},{"key":"4","year":"2008","journal-title":"Acunetix Acunetix Web Vulnerability Scanner"},{"key":"9","article-title":"noncespaces: using randomization to enforce information flow tracking and thwart crosssite scripting attacks","author":"gundy","year":"2009","journal-title":"Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS)"},{"key":"8","year":"0"}],"event":{"name":"2009 ICSE Workshop on Software Engineering for Secure Systems (SESS)","location":"Vancouver, BC, Canada","start":{"date-parts":[[2009,5,19]]},"end":{"date-parts":[[2009,5,19]]}},"container-title":["2009 ICSE Workshop on Software Engineering for Secure Systems"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/5054533\/5068439\/05068456.pdf?arnumber=5068456","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,6,18]],"date-time":"2017-06-18T20:53:19Z","timestamp":1497819199000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/5068456\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,5]]},"references-count":30,"URL":"https:\/\/doi.org\/10.1109\/iwsess.2009.5068456","relation":{},"subject":[],"published":{"date-parts":[[2009,5]]}}}