Cross Site Scripting


The attachment file is giving an in depth explanation regarding Cross Site Scripting (XSS) vulnerability, its types as well as best techniques that can be followed to prevent against such a vulnerability

Download here: XSS-2.0

Online Portfolio

View our proud list of international clients’ projects portfolio via our online portfolio system. Please contact us to obtain your login information.



Our services include software development, multimedia design and development and R&D. Our aim is to provide high quality, cost effective solutions to our customers.



We have developed a wide range of products from e-learning to Internet security. Our products tackle problems such as license plate recognition.

Information about integrating CAS with a website


There are several different ways for applications to integrate CAS authentication, including login and validation.

When integrating CAS authentication with your application, follow these best practices:

  • Applications using CAS must operate entirely over TLS (i.e., the casurl must be an HTTPS URL).
  • Enabling HTTP Strict Transport Security (HSTS) is highly recommended.
  • To be sure they are authenticating to APIIT Education Group’s CAS, users must be able to see the URL
  • Therefore, applications must redirect to CAS and not render the login page inside an iframe or use other similar techniques.


What is Central Authentication Service?

Central Authentication Service

The CAS (Central Authentication Service) login service allows you to access multiple computing systems after entering your username and password only once on a central authentication server. This is often referred to as single sign-on. For example, if you log in to PAWS, you will be able to access services such as Blackboard or wikis without having to log in again.

CAS currently supports several web applications. In the future, all other systems will use CAS as well.

You will be automatically redirected to the CAS login screen when you access one of the supported systems, unless you have already authenticated to CAS during your session. You can also reach the CAS login screen directly at

CAS currently supports two types of authentication: REST, Direct. CAS clients can be deployed on a combination of platforms including Windows, Linux, and both Apache and IIS. CAS supports a variety of tools and languages.

While CAS authentication will only return a username, you can use that username to query ADS and retrieve more information.