Cross-Site Request Forgery (CSRF) occurs when attackers trick users into performing unintended actions on a website where they are already authenticated.
Cross-Site Scripting (XSS) happens when attackers are able to inject scripts into a website through its vulnerabilities. There are three types of XSS attacks. Today we will look at simple examples to get a basic idea of how these attacks work and ways to mitigate them.
Most objects in JavaScript have an internal property called [[Prototype]], which stores a reference to another object. When a property is accessed and not found on the object itself, the JavaScript engine looks at its prototype, then the prototype's prototype, and so on until the property is found or the end of the prototype chain is reached. This mechanism is known as prototypal inheritance. It allows objects to inherit properties and methods from their prototypes. For example, built-in methods like .hasOwnProperty, .map, and .filter are available on objects because they are inherited from their prototypes, even though they are not explicitly declared on the objects themselves.
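The lookup described above can be traced by hand. This is an added example, not code from the original page; `resolveProperty` and `describe` are hypothetical helper names, and the sample objects are constructed for illustration. It also covers why the text says "most objects": one created with `Object.create(null)` has no prototype and inherits nothing.

```javascript
'use strict';
// Added illustration; resolveProperty and describe are hypothetical helper names.

// Label a chain member: "Array.prototype" for a constructor's prototype object,
// otherwise the generic label "object".
function describe(obj) {
  const own = Object.prototype.hasOwnProperty.call(obj, 'constructor');
  return own && typeof obj.constructor === 'function' && obj.constructor.prototype === obj
    ? `${obj.constructor.name}.prototype`
    : 'object';
}

// Follow [[Prototype]] links from target (an object) the way a property read does,
// and report the first object that holds `key` as an own property.
// Returns { owner, depth, label }, or null when the chain ends without a match.
function resolveProperty(target, key) {
  let depth = 0;
  for (let obj = target; obj !== null; obj = Object.getPrototypeOf(obj), depth++) {
    // Borrow hasOwnProperty from Object.prototype: objects without a
    // prototype do not inherit it, so obj.hasOwnProperty(key) would throw.
    if (Object.prototype.hasOwnProperty.call(obj, key)) {
      return { owner: obj, depth, label: describe(obj) };
    }
  }
  return null;
}

// Constructed sample objects.
const base = { greet() { return 'hi'; } };
const child = Object.create(base);   // child -> base -> Object.prototype -> null
const bare = Object.create(null);    // no prototype at all

for (const [name, target, key] of [
  ['array', [1, 2, 3], 'length'],
  ['array', [1, 2, 3], 'map'],
  ['array', [1, 2, 3], 'hasOwnProperty'],
  ['child', child, 'greet'],
  ['bare', bare, 'hasOwnProperty'],
]) {
  const hit = resolveProperty(target, key);
  console.log(`${name}.${key}:`, hit ? `${hit.label} at depth ${hit.depth}` : 'not found');
}
```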