Tagged Questions
2
votes
3answers
108 views
sanitizing likes/unlikes in application?
I've got a function in my app where users can click on a "thumbs up" image and a like is recorded in the database; all that's recorded is the user's ID and the ID of the post that the user liked.
I ...
2
votes
1answer
90 views
javascript:alert(“test”); command does not work
Hello! As I have done before and also have read in many web sites, that just simply writing:
javascript:alert(document.cookie);
should work on any web page.
But now, I was not able to execute it. I ...
0
votes
2answers
132 views
Best Approach for removing XSS Vulnerability
I have been developing a Webobjects application, and I found that my application is vulnerable to XSS through URL, but not when malicious input like <script>alert("hi")</script> is input ...
2
votes
2answers
311 views
Removing Google Analytics cookie string from URL - security hole?
On our site, we use google analytics and we have to put the GA cookie in the URL since we have a two letter domain and IE imposes some cookie limitations on those. This means that when going between ...
4
votes
1answer
467 views
Is this jQuery ajax call vulnerable to XSS?
If somebody can edit $("#field").val(), can they change the url property here to point to another location?
$.ajax({
url: "http://mywebsite/script?param=" + $("#field").val(),
dataType: "jsonp",
...
6
votes
3answers
283 views
How bad is a Self Contained XSS attack?
Some of you might be familiar with this attack called Self Contained XSS. I recently stumbled upon this article about it. So how bad this kind of attack can be, even though this doesn't have access to ...
0
votes
2answers
191 views
DOM XSS : Need Help
I was trying my hands at DOM based XSS. I came across a scenario where user controlled string from the URL is included in javascript as below
var userControlled=substring of URL;
...
7
votes
1answer
167 views
Closing an HTML element without using literal slashes?
I'm investigating a vulnerability in an application that echoes a user-supplied filename without sanitizing the filename.
E.g. a file named test-<script>alert("evil");.txt will result in that ...
4
votes
3answers
319 views
How serious are XSS attacks
A website I visit allows this kind of attack, to be implemented with GET in the URL
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
Along with many others on this page: ...
16
votes
2answers
426 views
JavaScript written only with brackets?
I once saw JavaScript code which was only written as multiple brackets (). Does anybody remember this kind of code? There was also an online converter to convert "normal" JS into this style of code. I ...
8
votes
1answer
364 views
Does the practice of blocking an off-site “Referer:” HTTP requests improve website security?
Is there any benefit for a security-paranoid website to disallow HTTP requests that have a Referer: from 3rd party sites?
The pitch is that if such a HTTP request were to come in, then certain XSS ...
2
votes
5answers
172 views
Is it possible to see if a script on a website steals session cookies?
I'm looking as some web analytics solutions, I know it sounds paranoid. but cookie-based web analytics need for you to paste their JavaScript code on your web-site.
I don't like the idea too much of ...
10
votes
5answers
510 views
Solution to allow JavaScript input but prevent XSS
We have a simple Blog system that allows users to input html and JavaScript to build a blog page. I'm aware that allowing javascript open up the door to xss attacks. We do however need to allow users ...
3
votes
2answers
552 views
How to protect from new Javascript Injection technique that doesn't use eval()?
There is a new Javascript injection technique that is generating chatter on the forums mentioned here
Here is the code sample:
String.prototype.code = function(){ return (new Function('with(this) { ...
0
votes
1answer
133 views
Replicating javascript actions from different website (XSS?)
I've got html / javascript code on my site like this:
<a ...
