I am currently working on a site and testing its security. One of the pages has a sort feature where I pass a url parameter on how I would like the content sorted.
For example:
www.example.com/page/?sort=alpha
This works fine, but I tried to send malicious code as well:
www.example.com/page/?sort=alpha%3Cimg+src=xyz+onerror=alert(99)%3E%3Cxss/%3E
In Internet Explorer, when I enter this URL my page shows up and a JavaScript alert pops up, so I was able to execute some code on the page. Inside Chrome I get the message that the XSS auditor has blocked this execution, but I would rather it never even be attempted to run. From what I can see, this parameter is accepted in my header.php file under `Sort : <?= get_query_var('sort') ?>`.
I want to sanitize this input so that it will never execute such a script, how can I do this?
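The following is an added example, not the asker's code: it shows the echoed snippet from the question beside a hardened version that allow-lists the sort key and escapes the value on output with WordPress's `esc_html()`. The list of allowed sort keys is a hypothetical placeholder, and it assumes `sort` is already registered as a query var so that `get_query_var()` returns it.

```php
<?php
// Added example for a WordPress theme template (header.php). Assumes the
// 'sort' query var is registered and readable through get_query_var().

// Vulnerable form from the question: the raw query value is written straight
// into the HTML, so a value such as "<img src=xyz onerror=alert(99)>" becomes
// markup and its onerror handler runs.
//
//   Sort : <?= get_query_var('sort') ?>

// 1. Allow-list the input: a sort key can only be one of the values this page
//    actually supports; anything else falls back to the default.
function example_get_sort_key() {
    // Hypothetical list; replace with the sort options the page really offers.
    $allowed = array( 'alpha', 'date', 'popular' );
    $raw     = (string) get_query_var( 'sort', 'alpha' );
    return in_array( $raw, $allowed, true ) ? $raw : 'alpha';
}

// 2. Encode on output: esc_html() converts <, >, &, " and ' to entities, so a
//    value can never close the text node and open a tag. Use esc_attr() instead
//    when the value lands inside an HTML attribute.
?>
Sort : <?php echo esc_html( example_get_sort_key() ); ?>
```

Escaping on output is what stops the injected markup from executing; the allow-list is a second layer that also keeps unexpected values out of whatever sorting logic consumes `sort`.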