xss

How to prevent XSS attack with Zend Form using %

Hi, our company has made a website for our client. The client hired a web security company to test the pages for security before the product launches. We've removed most of our XSS problems. We developed the website with Zend. We added the StripTags, StringTrim and HtmlEntities filters to the order form elements. They ran another test a...

How to "Purify" HTML code to prevent XSS attacks in Java or JSP ?

Hi, I'm writing a servlet-based application in which I need to provide a messaging system. I'm in a rush, so I chose CKEditor to provide editing capabilities, and I currently insert the generated HTML directly in the web page displaying all messages (messages are stored in a MySQL database, FYI). CKEditor already filters HTML based on a ...

Am I safe from a mysql injection?

Is this good enough to avoid a SQL injection? mysql_real_escape_string(htmlentities (urlencode($_POST['postmessage']))); ...

Which HTML form attack vectors are there?

Hi, I am starting to have a look at HTML form security. So far my research revealed three main attack vectors: Cross-site request forgery (CSRF), Cross-site scripting (XSS), SQL Injection. My question is: Are there more attack vectors for HTML forms than these? I am interested in a list of possible attacks through HTML forms. ...

Anti-XSS java libraries

I'm looking for a java library that can provide protection against XSS attacks. I'm writing a server, and would like to validate my user's input doesn't contain malicious javascript. Which library would you recommend? ...

PHP: Prevent XSS with strip_tags() ?

I have a PHP web applications. I do NOT want to allow users to post HTML to my site. If I simply run strip_tags() on all data prior to saving into my database, will strip_tags() be enough to prevent XSS? I ask because it's unclear to me from reading the documentation of strip_tags if XSS is prevented. There seems to be some bug with br...

Cross Site Scripting in CSS Stylesheets

Is it possible to use cross site scripting in a CSS stylesheet? For example a reference stylesheet contains malicious code, how would you do this? I know you can use style tags but what about stylesheets? ...

What are the risks of cross domain JSONP communication?

In our web application we have run into the situation where we need to do cross-domain AJAX calls from one domain we fully control to another domain we fully control. I've been surfing around for the best solution and the two that come to mind are a local file proxy (local file using php::fopen) or jQuery/JSONP. When I look up online ...

JavaScript Cross site scripting - Settings in Firefox browser

Hi, in Internet Explorer 6, there is a setting to add domains to trusted sites to overcome cross site scripting. Is there any such setting available in the Firefox browser? Thanks. ...

[jQuery] $.post() as a bookmarklet XSS.

Just curious if anyone can explain to me why I can request a page from a bookmarklet like this one: javascript:var%20s=document.createElement('script');var data=encodeURI(location.href)+encodeURI('\n\n')+(encodeURI(document.getElementsByTagName('body')[0].innerHTML));s.setAttribute('src','http://example.com/remote.php?id=68&act=new&...

XSS am I doing it wrong? CI / php

I am working on a public-facing interface that makes use of a database that is effectively untrusted due to multiple applications accessing it. I would like a clean way of encoding all my output to UTF-8 with htmlentities to prevent XSS. CodeIgniter (CI) has nothing built in. The filter that is there is meant for input and does not ac...

htmlspecialchars vs htmlentities when concerned with XSS

I have seen a lot of conflicting answers about this. Many people love to quote that PHP functions alone will not protect you from XSS. What XSS exactly can make it through htmlspecialchars and what can make it through htmlentities? I understand the difference between the functions but not the different levels of XSS protection you are ...

Prevent XSS attacks site-wide

I'm new to ColdFusion, so I'm not sure if there's an easy way to do this. I've been assigned to fix XSS vulnerabilities site-wide on this CF site. Unfortunately, there are tons of pages that are taking user input, and it would be near impossible to go in and modify them all. Is there a way (in CF or JS) to easily prevent XSS attacks acr...

php - Is this safe with XSS

Hi, I need to set a cookie to keep user login state. I'm going to hash username, password and IP. My code: login process: $hashed = md5($username.$pwd.IP); setcookie('userstate', $username.':'.$hashed); restore user state: $vars = split(':', $_COOKIE['userstate']); pseudo: get user with username in $vars[0] $hashed = md5($username.$pwd...

Externally linked images - How to prevent cross site scripting

On my site, I want to allow users to add reference to images which are hosted anywhere on the internet. These images can then be seen by all users of my site. As far as I understand, this could open the risk of cross site scripting, as in the following scenario: User A adds a link to a gif which he hosts on his own webserver. This webser...

Question about making XHR requests.

I'm not sure why but I haven't really been able to find the right resource for this which helps me understand the best practice here, but say I have an application, that I want to make an Ajax request to another application. Say app A's domain name is: www.example.com, and I want to make a request to www.someapplication.com Can I do so...

security issues with echoing a user entered text

I am accepting user text in a form and echoing it back on the page (the text goes to the database as well, but that uses prepared queries so no worries there). I wanted to know if there are any possible security implications that can be caused by it? On the server side I mean; I know on the client side you can break things, but can you reach the server...

How to make Beautiful Soup output HTML entities?

I'm trying to sanitize and XSS-proof some HTML input from the client. I'm using Python 2.6 with Beautiful Soup. I parse the input, strip all tags and attributes not in a whitelist, and transform the tree back into a string. However... >>> unicode(BeautifulSoup('text < text')) u'text < text' That doesn't look like valid HTML to me. An...

How do I encode html leaving out the safe html

My data coming from the database might contain some HTML. If I use string dataFromDb = "Some text<br />some more <br><ul><li>item 1</li></ul>"; HttpContext.Current.Server.HtmlEncode(dataFromDb); then everything gets encoded and I see the safe HTML on the screen. However, I want to be able to execute the safe HTML as noted in the data...

List of XSS Resources

I'm trying to get a better knowledge of this topic. So far I've found these: Towards Automated Malicious Code Detection and Removal on the Web [PDF]; Ruby On Rails Security Guide (it's RoR specific but it covers a lot of topics, including XSS); Cross-Site Scripting (XSS examples). Do you know of any useful links? ...