{
  "id": "bbg-p0347-web-request-lifecycle-web-request",
  "title": "Cross-Site Scripting Attack Paths",
  "chapter": "application-security",
  "batch": "14",
  "rank": 131,
  "sourcePage": 347,
  "sourcePointer": "p. 347",
  "status": "accepted",
  "reviewerStatus": "reviewed",
  "fidelityScore": 0.9,
  "canvas": {
    "width": 960,
    "height": 640
  },
  "fireworksTechGraph": {
    "style": "style-1-flat-icon",
    "diagramType": "data-flow",
    "topologyNotes": [
      "source page render inspected",
      "extracted page text inspected",
      "source page render inspected",
      "preserve XSS attack classes: reflected link, stored payload in database, DOM/client execution, stolen session/cookie, and sanitization controls",
      "retargeted from web-request-lifecycle to application-security"
    ],
    "publicBoundary": [
      "original vector output",
      "no source pixels",
      "no source mark or long wording"
    ]
  },
  "callouts": [],
  "sourceReview": {
    "conceptAnchors": [
      "concept: reflected XSS",
      "concept: stored XSS",
      "concept: DOM-based XSS",
      "concept: session theft",
      "concept: input sanitization"
    ],
    "labelSource": "curated",
    "semanticStatus": "reviewed"
  },
  "groups": [
    {
      "id": "entry",
      "label": "Attack entry",
      "x": 58,
      "y": 126,
      "w": 250,
      "h": 300
    },
    {
      "id": "execute",
      "label": "Browser execution",
      "x": 356,
      "y": 126,
      "w": 250,
      "h": 300
    },
    {
      "id": "impact",
      "label": "Impact and controls",
      "x": 654,
      "y": 126,
      "w": 250,
      "h": 300
    }
  ],
  "shapes": [
    {
      "id": "link",
      "kind": "rect",
      "label": "Reflected link",
      "detail": "payload URL",
      "x": 98,
      "y": 166,
      "w": 126,
      "h": 58,
      "tone": "orange"
    },
    {
      "id": "stored",
      "kind": "cylinder",
      "label": "Stored payload",
      "detail": "database",
      "x": 98,
      "y": 306,
      "w": 126,
      "h": 82,
      "tone": "red"
    },
    {
      "id": "browser",
      "kind": "actor",
      "label": "Victim browser",
      "detail": "executes JS",
      "x": 404,
      "y": 218,
      "w": 82,
      "h": 88,
      "tone": "blue"
    },
    {
      "id": "dom",
      "kind": "rect",
      "label": "DOM sink",
      "detail": "client code",
      "x": 488,
      "y": 326,
      "w": 126,
      "h": 58,
      "tone": "purple"
    },
    {
      "id": "session",
      "kind": "rect",
      "label": "Session theft",
      "detail": "cookies, tokens",
      "x": 700,
      "y": 166,
      "w": 126,
      "h": 58,
      "tone": "red"
    },
    {
      "id": "sanitize",
      "kind": "rect",
      "label": "Sanitize / encode",
      "detail": "CSP",
      "x": 700,
      "y": 326,
      "w": 126,
      "h": 58,
      "tone": "green"
    }
  ],
  "connectors": [
    {
      "from": "link",
      "to": "browser",
      "label": "click",
      "flow": "main"
    },
    {
      "from": "stored",
      "to": "browser",
      "label": "load page",
      "flow": "data"
    },
    {
      "from": "browser",
      "to": "dom",
      "label": "execute",
      "flow": "async"
    },
    {
      "from": "dom",
      "to": "session",
      "label": "steal",
      "flow": "alt"
    },
    {
      "from": "sanitize",
      "to": "dom",
      "label": "block",
      "flow": "control",
      "dashed": true
    }
  ]
}
