JavaScript Insertion exploits

From: Shabam (blislecp_at_hotmail.com)
Date: 09/29/04


Date: Wed, 29 Sep 2004 05:59:16 -0700

I have an application that allows users to input certain HTML tags via a
markup code (like "[img]http://www.sfd.com/image.gif[/img]"). The
application then translates that into real HTML for output. I've also had
the application translate "<" to "&lt;" and ">" to "&gt;" to prevent direct
HTML input by the user.

By doing this I basically allow users to input certain html tags, while not
giving them full permission to mess with the site.

However, I was made aware of cross-site scripting flaws which allow a user
to input something like "[img]javascript:alert(document.cookie)[/img]".
This would be translated into "<img src="javascript:alert(document.cookie)">", which obviously is not good.

My question is, besides this JavaScript string, what others are there to
filter for, to prevent this type of attack?
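As an added illustration of the defensive approach (example code, not the original poster's application, whose language is not stated, so Python is assumed): rather than filtering for known bad strings such as "javascript:", the [img] translator below accepts only absolute http(s) URLs and HTML-escapes everything else, rendering any rejected markup as literal text.

```python
import html
import re
from urllib.parse import urlsplit

# Allowlist of URL schemes permitted inside [img] tags. Anything else
# (javascript:, data:, vbscript:, protocol-relative "//", ...) is rejected.
ALLOWED_SCHEMES = {"http", "https"}

IMG_TAG = re.compile(r"\[img\](.*?)\[/img\]", re.IGNORECASE | re.DOTALL)


def safe_image_url(raw):
    """Return a cleaned URL if it is an absolute http(s) URL, else None.

    Browsers ignore ASCII whitespace and control characters inside a URL's
    scheme, so "java\tscript:" is treated as "javascript:". Strip those
    characters first so the scheme check sees what the browser would see.
    """
    cleaned = "".join(ch for ch in raw if ch > " " and ch != "\x7f")
    try:
        parts = urlsplit(cleaned)
    except ValueError:
        return None
    if parts.scheme.lower() not in ALLOWED_SCHEMES or not parts.netloc:
        return None
    return cleaned


def bbcode_to_html(text):
    """Translate [img]...[/img] markup to HTML, escaping all other text."""
    out = []
    pos = 0
    for m in IMG_TAG.finditer(text):
        # Text between tags is escaped: not only < and >, but also & and
        # quotes, so user input can never break out of an attribute.
        out.append(html.escape(text[pos:m.start()], quote=True))
        url = safe_image_url(m.group(1))
        if url is None:
            # Rejected URL: show the markup as plain text instead of a tag.
            out.append(html.escape(m.group(0), quote=True))
        else:
            out.append('<img src="%s">' % html.escape(url, quote=True))
        pos = m.end()
    out.append(html.escape(text[pos:], quote=True))
    return "".join(out)


if __name__ == "__main__":
    print(bbcode_to_html("[img]http://www.sfd.com/image.gif[/img]"))
    print(bbcode_to_html("[img]javascript:alert(document.cookie)[/img]"))
```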