HTML::XSSLint - audit XSS vulnerability of web pages
use HTML::XSSLint; my $agent = HTML::XSSLint->new; # there may be multiple forms in a single HTML # if there's no from, @result is empty my @result = $agent->audit($url); for my $result (grep { $_->vulnerable } @result) { my $action = $result->action; my @names = $result->names; my $example = $result->example; }
HTML::XSSLint is a subclass of LWP::UserAgent to audit Cross Site Scripting (XSS) vulnerability by generating random input against HTML forms in a web page.
Note that the way this module works is not robust, so you can't say a web page is XSS free because it passes HTML::XSSLint audit.
This module is a backend for command line utility xsslint bundled in the distribution. See xsslint for details.
xsslint
Tatsuhiko Miyagawa <miyagawa@bulknews.net>
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
This module comes with NO WARRANTY.
xsslint, HTML::XSSLint::Result, LWP, HTML::Form
To install HTML::XSSLint, copy and paste the appropriate command in to your terminal.
cpanm
cpanm HTML::XSSLint
CPAN shell
perl -MCPAN -e shell install HTML::XSSLint
For more information on module installation, please visit the detailed CPAN module installation guide.