Message-ID: <40F69365.7030502@sdf.lonestar.org>
From: bkfsec at sdf.lonestar.org (Barry Fitzgerald)
Subject: Exploits in websites due to buggy input validation where mozilla is at fault as well as the website.
Seth Alan Woolley wrote:
>
>Is it just me or is that behavior idiotic? I've seen this bug in
>_multiple_ scripts I've audited. For that reason, I feel much less safe
>signing up for cookies on websites that I haven't audited myself for
>this problem. Since it is a script tag, that could open many a hole
>later down the line that I haven't mentioned as well. It's just another
>reason to disable javascript and never use cookies for authentication.
>
I see where you're coming from on this. It enables a number of
cross-site scripting attacks.

I also see where they're coming from, though. If you don't complete the
tags prior to processing, it could cause (at best) issues in the page or
(at worst) could allow improper nesting to get around improper code
restrictions (as was recently seen on Internet Explorer).

I think that the best solution might be to display a dialogue box before
it tries to fix the tags stating that the page contains potentially
unsafe incomplete tags and asking whether the browser should repair them
or not.

-Barry