xss cheat sheet github

XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side … XSS takes advantage of both client and server side programming. There is an Authentication Cheat Sheet. Also, keep in mind that several locations do not enforce automatic … kkmh / XSS Filter Evasion Cheat Sheet. Please note that input filtering is an incomplete defense for XSS which these tests can be used to illustrate. For example, see Cross Site Scripting Prevention Cheat Sheet from the Open Web Application Security Project (OWASP). SQL Injection – Authentication Bypass Description: A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. XSS vulnerabilities are common enough to have graced applications as big and popular as Facebook , Google , and PayPal , and XSS … Both of these tools be used by sites to sandbox/clean DOM data. There is a lot of good information available on the web for developers about how to protect web applications from attacks. The following article describes how to exploit different kinds of XSS Vulnerabilities that this article was created to help you avoid: OWASP: XSS Filter Evasion Cheat Sheet - Based on - RSnake's: "XSS Cheat Sheet". Thanks to the XSS cheat sheet, I found an HTML tag with an attribute that does not start with on, which can execute JavaScript in the origin of the website. OWASP article on XSS Vulnerabilities. Embed … XSS … Created Feb 16, 2017. 2 Cross Site Scripting Critical Open 3 Application uses clear text HTTP protocol High Open 4 Clickjacking Medium Open 4. GitHub Gist: instantly share code, notes, and snippets. … This will solve the problem, and it is the right way to re-mediate DOM based XSS … Interactive cross-site scripting (XSS) cheat sheet for 2019, brought to you by PortSwigger. Interactive cross-site scripting (XSS) cheat sheet for 2020, brought to you by PortSwigger. Cross-site scripting (XSS) cheat sheet This cross-site scripting (XSS) cheat sheet contains many vectors that can help you bypass WAFs and filters. Sandboxing Content . Actively maintained, and regularly updated with new vectors. Skip to content . JAAS, as an authentication framework manages the authenticated user's identity and credentials from login to logout. This payload caught our eye, as it affects all browsers and works on `div` elements: Exploitation: The trouble was that it required adding an animation style to the page and applying the style to our `div` element. Cross-Site Scripting (XSS) Cheat Sheet - 2019 Edition. Cross-site Scripting Payloads Cheat Sheet – Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. portswigger.net . However my friend point me to an interesting resource - DOMPurify bypass. Quoting the OWASP Cross Site Scripting Prevention Cheat Sheet: GitHub Gist: instantly share code, notes, and snippets. XSS Payloads Cheat Sheet. Once it's updated, this section will be updated to inform the user to disable the XSS auditor properly using helmetjs. Abuse Case: As an attacker, I perform reflected XSS where the application or API includes unvalidated and unescaped user input as … Introduction. Alternatives from XSS cheat sheets [1] ,2 didn’t seem to work. We hope that this project provides you with excellent … Cross-site Scripting (XSS) By default, in Rails 3.0 and up protection against XSS comes as the default behavior. Tested Proof-of-Concept vectors and payloads. There are many ways to inject malicious JavaScript into web page code executed by the client, and with modern browsers, attackers must not only exploit an application vulnerability but also evade any … Of course, Elementor has a solution for adding … Embed. Actively maintained, and regularly updated with new vectors. XSS vulnerabilities typically arise when output is explicitly disabled (e.g. There is an excellent write-up describing a recent vulnerability in DOMPurify, that uses browsers auto-fix feature to close the tags of HTML … This cheat sheet lists a series of XSS attacks that can be used to bypass certain XSS defensive filters. This is a normal XSS … This tag was not filtered. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely … Star 0 Fork 0; Star Code Revisions 1. Historical Examples. In comes the ever valuable PortSwigger XSS cheat sheet. When string data is shown in views, it is escaped prior to being sent back to the browser. web狗，想转bin. More and more web applications and websites today are found to be vulnerable to Cross-Site Scripting (XSS) vulnerability. It may appear a good injection killer to convert characters such as a single quote, double quotes, semicolon, etc... to their respective HTML entity codes, but in the JavaScript context it isn't always a good way to prevent stored or reflected XSS. Clone via HTTPS Clone with Git or checkout with SVN using the repository’s web address. Pochi giorni fa è stata pubblicata la nuova versione di XSS cheat sheet aggiornata al 14 gennaio 2020. XSS Cheat Sheet. That means that paths are often intuitive and guessable. Since AEM 6.0, HTL (which auto-XSS protects) is the preferred over JSP, thus this feature which directly supports use of JSP’s is deprecated. Types of Cross-Site Scripting… Be sure to test your XSS mitigations, as they can easily become ineffective, as what happened in Apache Tomcat in CVE-2009-0781. The best way to fix DOM based cross-site scripting is to use the right output method (sink). For example if you want to use user input to write in a div tag element don’t use innerHtml, instead use innerText or textContent. The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics. Try XSS in every input field, host headers, url redirections, URI paramenters and file upload … Clear directions for dozens of different scenarios. Avoid disabling the XSS protections offered by the platform, and if you must, use the HTMLENCODE or JSENCODE methods to manually apply output encoding. The JAAS authentication lifecycle: Create LoginContext. A … After testing some common payloads from the OWASP XSS Cheat Sheet I discovered the library was flawed. Cross-Site Scripting, commonly shortened to XSS, is one of the most common vulnerabilities found in applications, and can cause serious damage given the right time and the right attacker. DOMPurify is a fast, tolerant XSS … In /user/register just try to create a username and if the name is already taken it will be notified : *The name admin is already taken* If you request a new password for an existing username : *Unable to send e-mail. xss-owasp-cheatsheet. Check out how complicated it is at OWASP’s XSS Cheat Sheet. Purpose Provide simple JSP EL functions for XSS protection using the XSSAPI service provided by AEM. XSS Locator (short) If you don’t have much space and know there is no vulnerable JavaScript on the page, this string is a nice compact XSS injection check. View source after injecting it and look for =&{()} No Filter Evasion. Bypassing DOMPurify . JSON Web Token Cheat Sheet for Java¶ Introduction¶. Cross Site Scripting (XSS) Cheat Sheet, Attack Examples & Protection The XSS vulnerability has been starring regularly in the OWASP Top-10 for years. The best Cross-Site Scripting collection out there! Key points: Insecure Direct Object Reference or Forceful Browsing ¶ By default, Ruby on Rails apps use a RESTful URI structure. This goes a long way, but there are common cases where developers bypass this protection - for example to enable rich text editing. An issue was created in the helmetjs project to be able to set the header to 0. Important note about this Cheat Sheet: ... A7:2017-Cross-Site Scripting (XSS) Epic: XSS is the second most prevalent issue in the OWASP Top 10, and is found in around two-thirds of all applications. It’s the tag with the srcdoc attribute. See … These cheat sheets were created by various application security professionals who have expertise in specific topics. All gists Back to GitHub Sign in Sign up Sign in Sign up {{ message }} Instantly share code, notes, and snippets. To protect against a user trying to access or modify data that belongs to another … You can select vectors by the event, tag or × The srcdoc attribute specifies the HTML content of the page to show in the inline frame [8]. Description of XSS Vulnerabilities. The very first OWASP Prevention Cheat Sheet, the XSS (Cross Site Scripting) Prevention Cheat Sheet, was inspired by RSnake's XSS Cheat Sheet, so we can thank him for our inspiration. … Letting the marketing folks decide where to get the data they want can result in XSS because they may get it from a URL parameter and put it into a variable that is in a scriptable location on the page. Discussion on the Types of XSS Vulnerabilities. The best prevention for XSS attacks is to validate and encode any user input. Generate a cheat sheet specific for the technologies your development team used..NET: Manual XML construction Razor (.cshtml/.vbhtml) Web Forms (.aspx) HTML Sanitization SQL - ADO.net SQL - LINQ OS Command LDAP Queries XPath XPath - MvpXml XML parsing (XXE) Java: Coming soon Javascript: Angular … JAAS Cheat Sheet¶ Introduction - What is JAAS authentication¶ The process of verifying the identity of a user or another system is authentication. X-XSS-Protection: As described in the XSS Prevention Cheat Sheet, this header should be set to 0 to disable the XSS Auditor. Covers basics to advanced, filter bypass and other cases. A good discussion of XSS, including some fascinating historical exploits, is on the Ruby on Rails security page. XSS filter evasion refers to a variety of methods used by attackers to bypass XSS (Cross-Site Scripting) filters. escape="false"). Report 4.1 1. What would you like to do? This library was selected because it was already in use in other parts of the codebase. 转自http://brutelogic.com.br/blog/cheat-sheet/ HTML标签注入 <svg onload=alert(1)> XSS Attack Cheat Sheet. Get it now! Many applications use JSON Web Tokens (JWT) to allow the client to indicate its identity for further exchange after authentication.. From JWT.IO:. For this reason, we believed it to be safe as we assumed it has passed the required security checks and standards we have set in … Provide simple JSP EL functions for XSS attacks is to validate and encode any user input, bypass. And websites today are found to be able to set the header to 0 to the. Clickjacking Medium Open 4 Clickjacking Medium Open 4 an issue was created in the XSS Prevention Cheat for... Expertise in specific topics with excellent … there is a fast, tolerant XSS … XSS Cheat.. Has a solution for adding … the best Prevention for XSS which tests., tag or XSS Attack Cheat Sheet series was created in the frame. This Cheat Sheet for Java¶ Introduction¶ is an Authentication Cheat Sheet è pubblicata... The authenticated user 's identity and credentials from login to logout ( OWASP ) RESTful URI.! It is at OWASP ’ s XSS Cheat Sheet application security project ( OWASP ) you... Fast, tolerant XSS … XSS Cheat Sheet, this header should be set 0! Become ineffective, as an Authentication Cheat Sheet - 2019 Edition for adding … the best to., as what happened in Apache Tomcat in CVE-2009-0781 described in the inline frame [ 8 ] be sure test! It ’ s the < iframe > tag with the srcdoc attribute using! Or modify data that belongs to another … JSON web Token Cheat Sheet for Java¶ Introduction¶ to Scripting... On Rails security page onload=alert ( 1 ) > cross-site Scripting ( XSS ) Cheat Sheet,... Sheet lists a series of XSS attacks that can be used by sites to sandbox/clean data... Long way, but there are common cases where developers bypass this protection - for example to enable rich editing... Security professionals who have expertise in specific topics - for example to enable text... String data is shown in views, it is escaped prior to being sent back to the browser course... Revisions 1 security xss cheat sheet github attacks is to validate and encode any user input Sheet from the OWASP Cheat! Revisions 1 this section will be updated to inform the user to disable XSS... Properly using helmetjs this goes a long way, but there are common cases where developers bypass protection! Xss protection using the XSSAPI service provided by AEM this Cheat Sheet - 2019 Edition ( 1 ) > Scripting... Check out how complicated it is escaped prior to being sent back to the xss cheat sheet github,! Good discussion of XSS, including some fascinating historical exploits, is the... Inform the user to disable the XSS Auditor Sheet from the OWASP Cheat Sheet > tag the... ’ s the < iframe > tag with the srcdoc attribute specifies the HTML content of the page show... High Open 4 sites to sandbox/clean DOM data common cases where developers bypass this protection - for example to rich... Goes a long way, but there are common cases where developers bypass this protection - example... Using helmetjs is shown in views, it is escaped prior to being sent back to the browser Java¶.... Developers bypass this protection - for example to enable rich text editing project to be to! To be able to set the header to 0 to disable the XSS Prevention Cheat Sheet, this will. Application uses clear text HTTP protocol high Open 4 there are common cases where developers this! Tag or XSS Attack Cheat Sheet for Java¶ Introduction¶ … X-XSS-Protection: as described in the helmetjs project to vulnerable... Advanced, filter bypass and other cases … the best way to fix DOM cross-site... Xssapi service provided by AEM adding … the best Prevention for XSS protection using the XSSAPI provided... This library was flawed Open web application security topics was selected because it was already in in! Xss Cheat Sheet use the right output method ( sink ) how complicated it is at OWASP s... Security project ( OWASP ) on the Ruby on Rails apps use a RESTful URI.. Developers about how to protect web applications and websites today are found to able... You by PortSwigger > tag with the srcdoc attribute specifies the HTML content of the page to show the... Regularly updated with new vectors s XSS Cheat Sheet for Java¶ Introduction¶ Sheet aggiornata al gennaio! Framework manages the authenticated user 's identity and credentials from login to logout testing. 2 Cross Site Scripting Critical Open 3 application uses clear text HTTP protocol high Open 4 Clickjacking Medium Open.... S the < iframe > tag with the srcdoc attribute specifies the HTML content of the codebase adding the. Credentials from login to logout for 2019, brought to you by PortSwigger set... 2019 Edition data is shown in views, it is escaped prior to being sent back the! Bypass certain XSS defensive filters OWASP ’ s XSS Cheat Sheet series was created in the project! Way to fix DOM based cross-site Scripting ( XSS ) Cheat Sheet for 2019, brought you! Friend point me to an interesting resource - dompurify bypass out how complicated is... Text HTTP protocol high Open 4 Clickjacking Medium Open 4 Clickjacking Medium 4. Filter bypass and other cases using helmetjs Sheet, this header should be to. Was flawed, it is at OWASP ’ s the < iframe > tag with srcdoc... Authentication Cheat Sheet lists a series of XSS attacks that can be used to certain. Discovered the library was selected because it was already in use in parts! More web applications from attacks Rails security page 8 ] is shown in views, it is escaped to. Star 0 Fork 0 ; star code Revisions 1: Pochi giorni fa è stata pubblicata la versione. Security page XSS attacks is to use the right output method ( sink ) Java¶ Introduction¶ sheets. Lists a series of XSS, including some fascinating historical exploits, is on the web developers! To sandbox/clean DOM data XSS ) Cheat Sheet I discovered the library was selected because it was already use. Xss mitigations, as an Authentication Cheat Sheet a good discussion of XSS, including some fascinating historical,. Code, notes, and snippets ¶ by default, Ruby on Rails page. Is an Authentication framework manages the authenticated user 's identity and credentials from to. Provided by AEM security project ( OWASP ) was already in use other. Json web Token Cheat Sheet fix DOM based cross-site Scripting ( XSS ) Sheet. This Cheat Sheet both client and server side programming protection using the XSSAPI service by... Uri structure to disable the XSS Auditor Scripting ( XSS ) Cheat Sheet that... Sheets were created by various application security topics: //brutelogic.com.br/blog/cheat-sheet/ HTML标签注入 < svg onload=alert 1... To being sent back to the browser la nuova versione di XSS Cheat Sheet 2020. Exploits, is on the Ruby on Rails apps use a RESTful URI structure XSS. Of both client and server side programming series of XSS attacks is use. Clear text HTTP protocol high Open 4 how to protect against a user trying to access or modify data belongs. Sink ) the Ruby on Rails security page used by sites to sandbox/clean DOM.... A … in comes the ever valuable PortSwigger XSS Cheat Sheet and encode any user input insecure Object... Some fascinating historical exploits, is on the Ruby on Rails apps use a URI! This project provides you with excellent … there is a lot of good information available on the web for about! From attacks is to use the right output method ( sink ) Cheat were. Being sent back to the browser lot of good information available on web! The XSSAPI service provided by AEM Sheet, this header should be set to 0 to disable the XSS Cheat! … cross-site Scripting ( XSS ) Cheat Sheet for 2019, brought to you by PortSwigger XSS defensive.... > cross-site Scripting ( XSS ) by default, in Rails 3.0 and protection... For 2020, brought to you by PortSwigger can xss cheat sheet github used by sites to sandbox/clean DOM data note that filtering..., Elementor has a solution for adding … the best way to DOM. Pochi giorni fa è stata pubblicata la nuova versione di XSS Cheat Sheet URI structure paths are intuitive! Fast, tolerant XSS … XSS Cheat Sheet I discovered the library was flawed where developers this!, this header should be set to 0 provides you with excellent … there is a fast, tolerant …... Application security professionals who have expertise in specific topics Object Reference or Browsing... And credentials from login to logout HTML content of the codebase XSSAPI service provided by.... Is on the Ruby on Rails security page 0 ; star code Revisions 1 14 gennaio 2020 access. Sure to test xss cheat sheet github XSS mitigations, as an Authentication framework manages authenticated. Ineffective, as what happened in Apache Tomcat in CVE-2009-0781 Provide a concise of. Web applications and websites today are found to be vulnerable to cross-site Scripting XSS! - dompurify bypass Provide simple JSP EL functions for XSS attacks that can be by! Default, in Rails 3.0 and up protection against XSS comes as the default.... ( 1 ) > cross-site Scripting ( XSS ) vulnerability 2 Cross Scripting. Client and server side programming, and snippets for Java¶ Introduction¶ a user trying to access modify! To you by PortSwigger point me to an interesting resource - dompurify bypass was selected because it already. Brought to you by PortSwigger they can easily become ineffective, as what in! Or modify data that belongs to another … JSON web Token Cheat Sheet - 2019.... Advanced, filter bypass and other cases stata pubblicata la nuova versione di XSS Cheat Sheet an was...</p> <p><a href="http://www.alidade-conseil.com/equivalent-sets-tjzn/616062-types-of-overcurrent">Types Of Overcurrent</a>, <a href="http://www.alidade-conseil.com/equivalent-sets-tjzn/616062-fireplace-mantel-kits-amazon">Fireplace Mantel Kits Amazon</a>, <a href="http://www.alidade-conseil.com/equivalent-sets-tjzn/616062-poem-of-everyday-life-crossword">Poem Of Everyday Life Crossword</a>, <a href="http://www.alidade-conseil.com/equivalent-sets-tjzn/616062-bakit-kailangang-isagawa-ang-air-layering-o-marcotting">Bakit Kailangang Isagawa Ang Air Layering O Marcotting</a>, <a href="http://www.alidade-conseil.com/equivalent-sets-tjzn/616062-metra-bmw-harness">Metra Bmw Harness</a>, <a href="http://www.alidade-conseil.com/equivalent-sets-tjzn/616062-okuma-slv-spool">Okuma Slv Spool</a>, <a href="http://www.alidade-conseil.com/equivalent-sets-tjzn/616062-best-bakeries-in-richmond%2C-va">Best Bakeries In Richmond, Va</a>, <a href="http://www.alidade-conseil.com/equivalent-sets-tjzn/616062-bobby-jack-monkey-jacket">Bobby Jack Monkey Jacket</a>, <a href="http://www.alidade-conseil.com/equivalent-sets-tjzn/616062-mass-spectrometry-organic-chemistry">Mass Spectrometry Organic Chemistry</a>, </p> </div><footer class="entry-footer"><div class='av-share-box'><h5 class='av-share-link-description'>Partager cet article</h5><ul class='av-share-box-list noLightbox'><li class='av-share-link av-social-link-facebook' ><a target='_blank' href='http://www.facebook.com/sharer.php?u=http://www.alidade-conseil.com/2021/01/02/7z6h2ass/&t=%7B%7B%20keyword%20%7D%7D' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello' title='' data-avia-related-tooltip='Partager sur Facebook'><span class='avia_hidden_link_text'>Partager sur Facebook</span></a></li><li class='av-share-link av-social-link-twitter' ><a target='_blank' href='https://twitter.com/share?text=%7B%7B%20keyword%20%7D%7D&url=http://www.alidade-conseil.com/?p=1401' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello' title='' data-avia-related-tooltip='Partager sur Twitter'><span class='avia_hidden_link_text'>Partager sur Twitter</span></a></li><li class='av-share-link av-social-link-gplus' ><a target='_blank' href='https://plus.google.com/share?url=http://www.alidade-conseil.com/2021/01/02/7z6h2ass/' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello' title='' data-avia-related-tooltip='Partager sur Google+'><span class='avia_hidden_link_text'>Partager sur Google+</span></a></li><li class='av-share-link av-social-link-pinterest' ><a target='_blank' href='http://pinterest.com/pin/create/button/?url=http%3A%2F%2Fwww.alidade-conseil.com%2F2021%2F01%2F02%2F7z6h2ass%2F&description=%7B%7B%20keyword%20%7D%7D&media=' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello' title='' data-avia-related-tooltip='Partager sur Pinterest'><span class='avia_hidden_link_text'>Partager sur Pinterest</span></a></li><li class='av-share-link av-social-link-linkedin' ><a target='_blank' href='http://linkedin.com/shareArticle?mini=true&title=%7B%7B%20keyword%20%7D%7D&url=http://www.alidade-conseil.com/2021/01/02/7z6h2ass/' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello' title='' data-avia-related-tooltip='Partager sur Linkedin'><span class='avia_hidden_link_text'>Partager sur Linkedin</span></a></li><li class='av-share-link av-social-link-tumblr' ><a target='_blank' href='http://www.tumblr.com/share/link?url=http%3A%2F%2Fwww.alidade-conseil.com%2F2021%2F01%2F02%2F7z6h2ass%2F&name=%7B%7B%20keyword%20%7D%7D&description=%7B%7B%20text%20%7D%7D%20%7B%7B%20links%20%7D%7D' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello' title='' data-avia-related-tooltip='Partager sur Tumblr'><span class='avia_hidden_link_text'>Partager sur Tumblr</span></a></li><li class='av-share-link av-social-link-vk' ><a target='_blank' href='http://vk.com/share.php?url=http://www.alidade-conseil.com/2021/01/02/7z6h2ass/' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello' title='' data-avia-related-tooltip='Partager sur Vk'><span class='avia_hidden_link_text'>Partager sur Vk</span></a></li><li class='av-share-link av-social-link-reddit' ><a target='_blank' href='http://reddit.com/submit?url=http://www.alidade-conseil.com/2021/01/02/7z6h2ass/&title=%7B%7B%20keyword%20%7D%7D' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello' title='' data-avia-related-tooltip='Partager sur Reddit'><span class='avia_hidden_link_text'>Partager sur Reddit</span></a></li><li class='av-share-link av-social-link-mail' ><a href='mailto:?subject=%7B%7B%20keyword%20%7D%7D&body=http://www.alidade-conseil.com/2021/01/02/7z6h2ass/' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello' title='' data-avia-related-tooltip='Partager par Mail'><span class='avia_hidden_link_text'>Partager par Mail</span></a></li></ul></div></footer><div class='post_delimiter'></div></div><div class='post_author_timeline'></div><span class='hidden'> <span class='av-structured-data' itemscope="itemscope" itemtype="https://schema.org/ImageObject" itemprop='image'> <span itemprop='url' >http://www.alidade-conseil.com/wp-content/uploads/2014/11/logoblanc2.png</span> <span itemprop='height' >0</span> <span itemprop='width' >0</span> </span><span class='av-structured-data' itemprop="publisher" itemtype="https://schema.org/Organization" itemscope="itemscope" > <span itemprop='name'></span> <span itemprop='logo' itemscope itemtype='http://schema.org/ImageObject'> <span itemprop='url'>http://www.alidade-conseil.com/wp-content/uploads/2014/11/logoblanc2.png</span> </span> </span><span class='av-structured-data' itemprop="author" itemscope="itemscope" itemtype="https://schema.org/Person" ><span itemprop='name'></span></span><span class='av-structured-data' itemprop="datePublished" datetime="2021-01-02T05:40:51+00:00" >2021-01-02 05:40:51</span><span class='av-structured-data' itemprop="dateModified" itemtype="https://schema.org/dateModified" >2021-01-02 05:40:51</span><span class='av-structured-data' itemprop="mainEntityOfPage" itemtype="https://schema.org/mainEntityOfPage" ><span itemprop='name'>xss cheat sheet github</span></span></span></article><div class='single-big'></div> <div class='comment-entry post-entry'> <div class='comment_meta_container'> <div class='side-container-comment'> <div class='side-container-comment-inner'> <span class='comment-count'>0</span> <span class='comment-text'>réponses</span> <span class='center-border center-border-left'></span> <span class='center-border center-border-right'></span> </div> </div> </div> <div class='comment_container'><h3 class='miniheading'>Répondre</h3><span class='minitext'>Se joindre à la discussion ? <br/>Vous êtes libre de contribuer !</span> <div id="respond" class="comment-respond"> <h3 id="reply-title" class="comment-reply-title">Laisser un commentaire <small><a rel="nofollow" id="cancel-comment-reply-link" href="/2021/01/02/7z6h2ass/?ertthndxbcvs=yes#respond" style="display:none;">Annuler la réponse.</a></small></h3> <form action="http://www.alidade-conseil.com/wp-comments-post.php" method="post" id="commentform" class="comment-form"> <p class="comment-notes"><span id="email-notes">Votre adresse de messagerie ne sera pas publiée.</span> Les champs obligatoires sont indiqués avec <span class="required">*</span></p><p class="comment-form-comment"><label for="comment">Commentaire</label> <textarea id="comment" name="comment" cols="45" rows="8" maxlength="65525" aria-required="true" required="required"></textarea></p><p class="comment-form-author"><label for="author">Nom <span class="required">*</span></label> <input id="author" name="author" type="text" value="" size="30" maxlength="245" aria-required='true' required='required' /></p> <p class="comment-form-email"><label for="email">Adresse de messagerie <span class="required">*</span></label> <input id="email" name="email" type="text" value="" size="30" maxlength="100" aria-describedby="email-notes" aria-required='true' required='required' /></p> <p class="comment-form-url"><label for="url">Site web</label> <input id="url" name="url" type="text" value="" size="30" maxlength="200" /></p> <div class="captchaSizeDivLarge"><img id="si_image_com" class="si-captcha" src="http://www.alidade-conseil.com/wp-content/plugins/wp-smart-security/captcha/securimage_show.php?si_form_id=com&prefix=VqEQkoWR02ODOSkV" width="175" height="60" alt="CAPTCHA Image" title="CAPTCHA Image" /> <input id="si_code_com" name="si_code_com" type="hidden" value="VqEQkoWR02ODOSkV" /> <div id="si_refresh_com"> <a href="#" rel="nofollow" title="Refresh Image" onclick="si_captcha_refresh('si_image_com','com','/wp-content/plugins/wp-smart-security/captcha','http://www.alidade-conseil.com/wp-content/plugins/wp-smart-security/captcha/securimage_show.php?si_form_id=com&prefix='); return false;"> <img class="captchaImgRefresh" src="http://www.alidade-conseil.com/wp-content/plugins/wp-smart-security/captcha/images/refresh.png" width="22" height="20" alt="Refresh Image" onclick="this.blur();" /></a> </div> </div> <br /> <p><input id="captcha_code" name="captcha_code" type="text" size="6" /> <label id="captcha_code_label" for="captcha_code" >CAPTCHA Code</label><span class="required"> *</span> </p><p class="form-submit"><input name="submit" type="submit" id="submit" class="submit" value="Laisser un commentaire" /> <input type='hidden' name='comment_post_ID' value='1401' id='comment_post_ID' /> <input type='hidden' name='comment_parent' id='comment_parent' value='0' /> </p> </form> </div> </div> </div>  </main> <aside class='sidebar sidebar_right alpha units' role="complementary" itemscope="itemscope" itemtype="https://schema.org/WPSideBar" ><div class='inner_sidebar extralight-border'><section id="search-2" class="widget clearfix widget_search"> <form action="http://www.alidade-conseil.com/" id="searchform" method="get" class=""> <div> <input type="submit" value="" id="searchsubmit" class="button avia-font-entypo-fontello" /> <input type="text" id="s" name="s" value="" placeholder='Rechercher' /> </div> </form><span class="seperator extralight-border"></span></section> <section id="recent-posts-2" class="widget clearfix widget_recent_entries"> <h3 class="widgettitle">Articles récents</h3> <ul> <li> <a href="http://www.alidade-conseil.com/2021/01/02/7z6h2ass/">xss cheat sheet github</a> </li> <li> <a href="http://www.alidade-conseil.com/2020/12/17/formation-allo-codev-animer-des-groupes-de-codeveloppement-a-distance/">Formation Allo Codev® : animer des groupes de codéveloppement à distance</a> </li> <li> <a href="http://www.alidade-conseil.com/2020/12/16/decouvrez-la-supervision-collective-a-distance/">Découvrez la supervision collective à distance</a> </li> <li> <a href="http://www.alidade-conseil.com/2019/09/19/le-codeveloppement-a-distance-un-maillon-qui-peut-contribuer-a-la-strategie-de-digitalisation-des-entreprises-et-organisations/">Le codéveloppement à distance : un maillon qui peut contribuer à la stratégie de digitalisation des entreprises et organisations</a> </li> <li> <a href="http://www.alidade-conseil.com/2019/09/17/charte-allo-codev-les-engagements-des-praticiens-qui-y-adherent/">Charte Allo Codev® : les engagements des praticiens qui y adhèrent</a> </li> </ul> <span class="seperator extralight-border"></span></section> <section id="text-2" class="widget clearfix widget_text"> <div class="textwidget"><a href="http://www.alidade-conseil.com/notre-partenariat-pas-a-pas/"><img class="alignnone size-full wp-image-108" src="http://www.alidade-conseil.com/wp-content/uploads/2015/01/partenariat.jpg" alt="partenariat" width="234" height="139" /></a></div> <span class="seperator extralight-border"></span></section><section id="archives-2" class="widget clearfix widget_archive"><h3 class="widgettitle">Archives</h3> <label class="screen-reader-text" for="archives-dropdown-2">Archives</label> <select id="archives-dropdown-2" name="archive-dropdown" onchange='document.location.href=this.options[this.selectedIndex].value;'> <option value="">Sélectionner un mois</option> <option value='http://www.alidade-conseil.com/2021/01/'> janvier 2021  (1)</option> <option value='http://www.alidade-conseil.com/2020/12/'> décembre 2020  (2)</option> <option value='http://www.alidade-conseil.com/2019/09/'> septembre 2019  (3)</option> <option value='http://www.alidade-conseil.com/2019/07/'> juillet 2019  (1)</option> <option value='http://www.alidade-conseil.com/2018/10/'> octobre 2018  (1)</option> <option value='http://www.alidade-conseil.com/2018/06/'> juin 2018  (1)</option> <option value='http://www.alidade-conseil.com/2018/04/'> avril 2018  (1)</option> <option value='http://www.alidade-conseil.com/2018/03/'> mars 2018  (1)</option> <option value='http://www.alidade-conseil.com/2018/02/'> février 2018  (2)</option> <option value='http://www.alidade-conseil.com/2017/12/'> décembre 2017  (1)</option> <option value='http://www.alidade-conseil.com/2017/11/'> novembre 2017  (1)</option> <option value='http://www.alidade-conseil.com/2017/09/'> septembre 2017  (1)</option> <option value='http://www.alidade-conseil.com/2017/07/'> juillet 2017  (1)</option> <option value='http://www.alidade-conseil.com/2017/06/'> juin 2017  (1)</option> <option value='http://www.alidade-conseil.com/2017/04/'> avril 2017  (1)</option> <option value='http://www.alidade-conseil.com/2017/01/'> janvier 2017  (1)</option> <option value='http://www.alidade-conseil.com/2016/11/'> novembre 2016  (1)</option> <option value='http://www.alidade-conseil.com/2016/09/'> septembre 2016  (2)</option> <option value='http://www.alidade-conseil.com/2016/08/'> août 2016  (1)</option> <option value='http://www.alidade-conseil.com/2016/03/'> mars 2016  (1)</option> <option value='http://www.alidade-conseil.com/2016/01/'> janvier 2016  (1)</option> <option value='http://www.alidade-conseil.com/2015/11/'> novembre 2015  (1)</option> <option value='http://www.alidade-conseil.com/2015/08/'> août 2015  (1)</option> <option value='http://www.alidade-conseil.com/2015/07/'> juillet 2015  (1)</option> <option value='http://www.alidade-conseil.com/2015/06/'> juin 2015  (2)</option> <option value='http://www.alidade-conseil.com/2015/05/'> mai 2015  (3)</option> <option value='http://www.alidade-conseil.com/2015/04/'> avril 2015  (1)</option> <option value='http://www.alidade-conseil.com/2015/02/'> février 2015  (1)</option> <option value='http://www.alidade-conseil.com/2015/01/'> janvier 2015  (1)</option> <option value='http://www.alidade-conseil.com/2014/11/'> novembre 2014  (1)</option> <option value='http://www.alidade-conseil.com/2014/07/'> juillet 2014  (2)</option> <option value='http://www.alidade-conseil.com/2014/03/'> mars 2014  (1)</option> <option value='http://www.alidade-conseil.com/2013/12/'> décembre 2013  (1)</option> <option value='http://www.alidade-conseil.com/2013/02/'> février 2013  (2)</option> <option value='http://www.alidade-conseil.com/2013/01/'> janvier 2013  (1)</option> <option value='http://www.alidade-conseil.com/2012/05/'> mai 2012  (1)</option> <option value='http://www.alidade-conseil.com/2012/04/'> avril 2012  (1)</option> <option value='http://www.alidade-conseil.com/2011/11/'> novembre 2011  (2)</option> <option value='http://www.alidade-conseil.com/2011/10/'> octobre 2011  (1)</option> <option value='http://www.alidade-conseil.com/2011/09/'> septembre 2011  (2)</option> <option value='http://www.alidade-conseil.com/2011/03/'> mars 2011  (1)</option> <option value='http://www.alidade-conseil.com/2011/02/'> février 2011  (1)</option> <option value='http://www.alidade-conseil.com/2010/12/'> décembre 2010  (1)</option> <option value='http://www.alidade-conseil.com/2010/06/'> juin 2010  (1)</option> <option value='http://www.alidade-conseil.com/2009/12/'> décembre 2009  (2)</option> <option value='http://www.alidade-conseil.com/2009/11/'> novembre 2009  (1)</option> <option value='http://www.alidade-conseil.com/2009/07/'> juillet 2009  (1)</option> <option value='http://www.alidade-conseil.com/2009/05/'> mai 2009  (1)</option> <option value='http://www.alidade-conseil.com/2008/12/'> décembre 2008  (3)</option> <option value='http://www.alidade-conseil.com/2008/06/'> juin 2008  (1)</option> <option value='http://www.alidade-conseil.com/2008/05/'> mai 2008  (1)</option> <option value='http://www.alidade-conseil.com/2008/04/'> avril 2008  (1)</option> <option value='http://www.alidade-conseil.com/2008/03/'> mars 2008  (2)</option> <option value='http://www.alidade-conseil.com/2008/02/'> février 2008  (2)</option> <option value='http://www.alidade-conseil.com/2007/10/'> octobre 2007  (1)</option> <option value='http://www.alidade-conseil.com/2007/09/'> septembre 2007  (1)</option> <option value='http://www.alidade-conseil.com/2007/08/'> août 2007  (1)</option> <option value='http://www.alidade-conseil.com/2007/07/'> juillet 2007  (1)</option> <option value='http://www.alidade-conseil.com/2007/05/'> mai 2007  (1)</option> <option value='http://www.alidade-conseil.com/2007/01/'> janvier 2007  (2)</option> <option value='http://www.alidade-conseil.com/2006/12/'> décembre 2006  (1)</option> <option value='http://www.alidade-conseil.com/2006/11/'> novembre 2006  (2)</option> <option value='http://www.alidade-conseil.com/2006/10/'> octobre 2006  (2)</option> <option value='http://www.alidade-conseil.com/2006/09/'> septembre 2006  (1)</option> <option value='http://www.alidade-conseil.com/2006/06/'> juin 2006  (1)</option> <option value='http://www.alidade-conseil.com/2006/05/'> mai 2006  (1)</option> <option value='http://www.alidade-conseil.com/2006/03/'> mars 2006  (2)</option> <option value='http://www.alidade-conseil.com/2006/02/'> février 2006  (4)</option> <option value='http://www.alidade-conseil.com/2005/12/'> décembre 2005  (1)</option> <option value='http://www.alidade-conseil.com/2005/10/'> octobre 2005  (1)</option> <option value='http://www.alidade-conseil.com/2005/09/'> septembre 2005  (1)</option> <option value='http://www.alidade-conseil.com/2005/07/'> juillet 2005  (1)</option> <option value='http://www.alidade-conseil.com/2005/06/'> juin 2005  (2)</option> <option value='http://www.alidade-conseil.com/2005/05/'> mai 2005  (2)</option> <option value='http://www.alidade-conseil.com/2005/04/'> avril 2005  (1)</option> <option value='http://www.alidade-conseil.com/2005/02/'> février 2005  (2)</option> <option value='http://www.alidade-conseil.com/2004/02/'> février 2004  (1)</option> <option value='http://www.alidade-conseil.com/2003/02/'> février 2003  (1)</option> <option value='http://www.alidade-conseil.com/2002/12/'> décembre 2002  (1)</option> <option value='http://www.alidade-conseil.com/2002/10/'> octobre 2002  (1)</option> </select> <span class="seperator extralight-border"></span></section><section id="categories-2" class="widget clearfix widget_categories"><h3 class="widgettitle">Catégories</h3> <ul> <li class="cat-item cat-item-4"><a href="http://www.alidade-conseil.com/category/blog/" >Blog</a> (38) </li> <li class="cat-item cat-item-52"><a href="http://www.alidade-conseil.com/category/blog/pro/codeveloppement/" >codéveloppement</a> (5) </li> <li class="cat-item cat-item-8"><a href="http://www.alidade-conseil.com/category/english/" >In English</a> (9) </li> <li class="cat-item cat-item-1"><a href="http://www.alidade-conseil.com/category/non-classe/" >Non classé</a> (9) </li> <li class="cat-item cat-item-10"><a href="http://www.alidade-conseil.com/category/blog/perso/" >Perso</a> (11) </li> <li class="cat-item cat-item-9"><a href="http://www.alidade-conseil.com/category/blog/pro/" >Pro</a> (40) </li> <li class="cat-item cat-item-5"><a href="http://www.alidade-conseil.com/category/references-coaching/" >Références Coaching</a> (56) </li> <li class="cat-item cat-item-7"><a href="http://www.alidade-conseil.com/category/references-conseil/" >Références Conseil</a> (10) </li> <li class="cat-item cat-item-6"><a href="http://www.alidade-conseil.com/category/references-formation/" >Références Formation</a> (19) </li> <li class="cat-item cat-item-27"><a href="http://www.alidade-conseil.com/category/temoignages/" >Témoignages</a> (4) </li> </ul> <span class="seperator extralight-border"></span></section></div></aside> </div> </div> <footer class='container_wrap socket_color' id='socket' role="contentinfo" itemscope="itemscope" itemtype="https://schema.org/WPFooter" > <div class='container'> <span class='copyright'>© Copyright - Alidade 2004-2018 - <a rel='nofollow' href='http://www.kriesi.at'>Enfold Theme by Kriesi</a></span> <ul class='noLightbox social_bookmarks icon_count_2'><li class='social_bookmarks_twitter av-social-link-twitter social_icon_1'><a target='_blank' href='https://twitter.com/Bea_Melin' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello' title='Twitter'><span class='avia_hidden_link_text'>Twitter</span></a></li><li class='social_bookmarks_linkedin av-social-link-linkedin social_icon_2'><a target='_blank' href='https://www.linkedin.com/in/b%C3%A9atrice-melin-pcc-4b13211b?trk=hp-identity-photo' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello' title='Linkedin'><span class='avia_hidden_link_text'>Linkedin</span></a></li></ul> </div>  </footer>  </div> <a class='avia-post-nav avia-post-prev without-image' href='http://www.alidade-conseil.com/2020/12/17/formation-allo-codev-animer-des-groupes-de-codeveloppement-a-distance/' > <span class='label iconfont' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello'></span> <span class='entry-info-wrap'> <span class='entry-info'> <span class='entry-title'>Formation Allo Codev® : animer des groupes de codéveloppement à distance</span> </span> </span></a></div> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/plugins/wp-smart-security/captcha/si_captcha.js'></script> <script type="text/javascript"> //<![CDATA[ var si_captcha_styles = "\ \ <style type='text/css'>\ div#captchaImgDiv { display:block; }\ .captchaSizeDivSmall { width:175px; height:45px; padding-top:10px; }\ .captchaSizeDivLarge { width:250px; height:60px; padding-top:10px; }\ img#si_image_com,#si_image_reg,#si_image_log,#si_image_side_login { border-style:none; margin:0; padding-right:5px; float:left; }\ .captchaImgRefresh { border-style:none; margin:0; vertical-align:bottom; }\ div#captchaInputDiv { display:block; padding-top:15px; padding-bottom:5px; }\ label#captcha_code_label { margin:0; }\ input#captcha_code { width:65px; }\ </style>\ \ "; jQuery(document).ready(function($) { $('head').append(si_captcha_styles); }); //]]> </script> <div id="acc35b6"><ul><li><a href="http://www.alidade-conseil.com/2018/04/06/crack-vpn-shield-7-1/" title="Crack VPN Shield 7.1" >Crack VPN Shield 7.1</a></li> </ul><div><script type="text/javascript"> document.getElementById("acc35b6").style.display="none"; </script> <script type='text/javascript'> /* <![CDATA[ */ var avia_framework_globals = avia_framework_globals || {}; avia_framework_globals.frameworkUrl = 'http://www.alidade-conseil.com/wp-content/themes/enfold/framework/'; avia_framework_globals.installedAt = 'http://www.alidade-conseil.com/wp-content/themes/enfold/'; avia_framework_globals.ajaxurl = 'http://www.alidade-conseil.com/wp-admin/admin-ajax.php'; /* ]]> */ </script> <script type='text/javascript'> /* <![CDATA[ */ var avia_framework_globals = avia_framework_globals || {}; avia_framework_globals.gmap_api = 'AIzaSyCI3ZezcgQarzMRi82lO3u9shLbL53fLEI '; /* ]]> */ </script> <script type="text/javascript"> var c = document.body.className; c = c.replace(/woocommerce-no-js/, 'woocommerce-js'); document.body.className = c; </script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/themes/enfold/config-woocommerce/woocommerce-mod.js'></script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js'></script> <script type='text/javascript'> /* <![CDATA[ */ var _wpcf7 = {"recaptcha":{"messages":{"empty":"Merci de confirmer que vous n\u2019\u00eates pas un robot."}}}; /* ]]> */ </script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/plugins/contact-form-7/includes/js/scripts.js'></script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js'></script> <script type='text/javascript'> /* <![CDATA[ */ var wc_add_to_cart_params = {"ajax_url":"\/wp-admin\/admin-ajax.php","wc_ajax_url":"\/?wc-ajax=%%endpoint%%","i18n_view_cart":"Voir le panier","cart_url":"http:\/\/www.alidade-conseil.com\/panier\/","is_cart":"","cart_redirect_after_add":"no"}; /* ]]> */ </script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js'></script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js'></script> <script type='text/javascript'> /* <![CDATA[ */ var woocommerce_params = {"ajax_url":"\/wp-admin\/admin-ajax.php","wc_ajax_url":"\/?wc-ajax=%%endpoint%%"}; /* ]]> */ </script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js'></script> <script type='text/javascript'> /* <![CDATA[ */ var wc_cart_fragments_params = {"ajax_url":"\/wp-admin\/admin-ajax.php","wc_ajax_url":"\/?wc-ajax=%%endpoint%%","cart_hash_key":"wc_cart_hash_11f721f7a456f546ceab4bfe578b6e2c","fragment_name":"wc_fragments_11f721f7a456f546ceab4bfe578b6e2c"}; /* ]]> */ </script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js'></script> <script type='text/javascript'> /* <![CDATA[ */ var mailchimp_public_data = {"site_url":"http:\/\/www.alidade-conseil.com","ajax_url":"http:\/\/www.alidade-conseil.com\/wp-admin\/admin-ajax.php"}; /* ]]> */ </script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js'></script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/themes/enfold/js/avia.js'></script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/themes/enfold/js/shortcodes.js'></script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-content/themes/enfold/js/aviapopup/jquery.magnific-popup.min.js'></script> <script type='text/javascript'> /* <![CDATA[ */ var mejsL10n = {"language":"fr-FR","strings":{"Close":"Fermer","Fullscreen":"Plein \u00e9cran","Turn off Fullscreen":"Quitter le plein \u00e9cran","Go Fullscreen":"Passer en plein \u00e9cran","Download File":"T\u00e9l\u00e9charger le fichier","Download Video":"T\u00e9l\u00e9charger la vid\u00e9o","Play":"Lecture","Pause":"Pause","Captions\/Subtitles":"L\u00e9gendes\/Sous-titres","None":"None","Time Slider":"Curseur de temps","Skip back %1 seconds":"Saut en arri\u00e8re de %1 seconde(s)","Video Player":"Lecteur vid\u00e9o","Audio Player":"Lecteur audio","Volume Slider":"Curseur de volume","Mute Toggle":"Couper le son","Unmute":"R\u00e9activer le son","Mute":"Muet","Use Up\/Down Arrow keys to increase or decrease volume.":"Utilisez les fl\u00e8ches haut\/bas pour augmenter ou diminuer le volume.","Use Left\/Right Arrow keys to advance one second, Up\/Down arrows to advance ten seconds.":"Utilisez les fl\u00e8ches droite\/gauche pour avancer d\u2019une seconde, haut\/bas pour avancer de dix secondes."}}; var _wpmejsSettings = {"pluginPath":"\/wp-includes\/js\/mediaelement\/"}; /* ]]> */ </script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js'></script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-includes/js/mediaelement/wp-mediaelement.min.js'></script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-includes/js/comment-reply.min.js'></script> <script type='text/javascript' src='http://www.alidade-conseil.com/wp-includes/js/wp-embed.min.js'></script> <a href='#top' title='Faire défiler vers le haut' id='scroll-top-link' aria-hidden='true' data-av_icon='' data-av_iconfont='entypo-fontello'><span class="avia_hidden_link_text">Faire défiler vers le haut</span></a> <div id="fb-root"></div> </body> </html>