tags:

views:

72

answers:

3

We are facing issues of JavaScript getting embedded into the message body; following is the code snippet of the JavaScript:

} {*\htmltag241 var DanaShimData="var DSJsFuncs = ,null,,,,[{nm:\"Refresh\",lcnm:\"refresh\",flg:0xb},{nm:\ \"Install\",flg:0xf},{nm:\"writeln\",flg:0x3f},{nm:\ "GotoURL\ \",flg:0xe},{nm:\"AddRoot\",lcnm:\"addroot\",flg:0xb},{nm:\ \"LoadURL\",lcnm:\"loadurl\",flg:0xb},{nm:\"addRule\ ",flg:0xf}, {nm:\"postURL\",lcnm:\"posturl\",flg:0x12},{nm:\ "replace\ \",flg:0x12f},],[{

Could anyone please let us know if you have observed such occurrences / findings.

Any help is appreciated.

Thanks, Sudipta Ghosh

+6  A: 

Try to use HTMLCodeFormat() or HTMLEditFormat().

See docs.

Vikas
or xmlformat(), even safer.
Henry
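Added example, not code from the original post or answers: the two encoders named in this answer applied to a message body before it is written into a page. The `body` value is a constructed sample, and `safeHtml` / `safeXml` are wrapper names chosen here.

```cfml
<!--- Added example: escape a user-supplied message body before it reaches the browser. --->
<cffunction name="safeHtml" returntype="string" output="false">
    <cfargument name="text" type="string" required="true">
    <!--- HTMLEditFormat escapes &, <, > and " so the browser renders
          the text literally instead of interpreting it as markup --->
    <cfreturn HTMLEditFormat(arguments.text)>
</cffunction>

<cffunction name="safeXml" returntype="string" output="false">
    <cfargument name="text" type="string" required="true">
    <!--- XMLFormat additionally escapes the single quote, which matters
          when the value is placed inside a single-quoted attribute --->
    <cfreturn XMLFormat(arguments.text)>
</cffunction>

<!--- Constructed sample: a body carrying embedded script, like the one in the question --->
<cfset body = '<script>var DanaShimData="x";</script><p>Hello</p>'>

<cfoutput>
    <!--- Unsafe (the defect in the question): #body# written raw would let the script run --->

    <!--- Safe in element content: the tag shows up as visible text, e.g. &lt;script&gt;... --->
    <div class="msg">#safeHtml(body)#</div>

    <!--- Safe in a single-quoted attribute: the quote cannot close the attribute early --->
    <input type="text" value='#safeXml(body)#'>
</cfoutput>
```

On ColdFusion 10 and later, encodeForHTML() and encodeForHTMLAttribute() give context-specific encoding and are the better choice where available.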
+5  A: 

There is a project called 'AntiSamy' (http://www.antisamy.net/) which uses files to combat XSS attacks that are provided by big sites like Slashdot and eBay. You may want to look at extracting the AntiSamy code to help you.

Here is a post by Peter Freitag on using AntiSamy without ColdBox: http://www.petefreitag.com/item/760.cfm

Here are the docs for the ColdBox Framework: http://wiki.coldbox.org/wiki/Plugins:AntiSamy.cfm

Aaron Greenlee
A: 

Also make sure you use cfqueryparams, captchas, or some sort of session authentication for form posts.

Stefano DiFabio