Monday, February 4, 2013

XSS in Ajax

The following functions and properties need to be inspected, as they are possible pointers to XSS attacks:
eval()
document.write()
innerHTML
write()

Safe function:
Instead of using innerHTML, one should use innerText.

XSS payloads in JSON and their effects:
A nice example from iSec Partners:
var inboundJSON = {"people": [
{"name": "Joel", "address": "<script>badStuff();</script>", "phone": "911"}
]
};
// innerHTML and innerText are properties, so they are assigned to, not called
someObject.innerHTML = inboundJSON.people[0].address;    // Vulnerable
document.write(inboundJSON.people[0].address);           // Vulnerable
someObject.innerText = inboundJSON.people[0].address;    // Not Vulnerable
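
One way to find the sinks listed above in a code base, as an added example that is not part of the original post or of the iSec Partners material: a heuristic Node.js scan that reports the lines to inspect. The regular expressions, the sample source and its variable names are constructed for illustration.

```javascript
// Added example: heuristic audit for the DOM sinks named in this post.
// It flags lines for manual review; a hit is a pointer, not proof of XSS.
const SINKS = [
  { name: "eval()", re: /\beval\s*\(/ },
  { name: "document.write()", re: /\bdocument\s*\.\s*write\s*\(/ },
  // write() on any other object (e.g. a document held in a variable)
  { name: "write()", re: /(?<!\bdocument\s*)\.\s*write\s*\(/ },
  // assignment (= or +=) or the call form used in the post; not == / ===
  { name: "innerHTML", re: /\.\s*innerHTML\s*(?:\+?=(?!=)|\()/ },
];

// Returns one finding per (line, sink) match: { line, sink, code }.
function auditSource(source) {
  const findings = [];
  source.split("\n").forEach((text, i) => {
    const code = text.trim();
    if (code.startsWith("//")) return; // skip whole-line comments
    for (const sink of SINKS) {
      if (sink.re.test(code)) {
        findings.push({ line: i + 1, sink: sink.name, code });
      }
    }
  });
  return findings;
}

// Constructed sample input (hypothetical variable names).
const SAMPLE = [
  'var addr = inboundJSON.people[0].address;',
  'someObject.innerHTML = addr;',
  'document.write(addr);',
  'someObject.innerText = addr;',
  'var cfg = eval("(" + responseText + ")");',
  'popup.document.write(addr);',
  'iframeDoc.write(addr);',
  'if (el.innerHTML == "") { el.innerText = addr; }',
  '// el.innerHTML = addr;',
].join("\n");

for (const hit of auditSource(SAMPLE)) {
  console.log(`line ${hit.line}: ${hit.sink}  ->  ${hit.code}`);
}
```

Reads of innerHTML (line 8 of the sample) and innerText assignments are not reported, so the output is limited to places where untrusted data can reach a sink.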

1 comment:

Anonymous said...

The innerText() function is not entirely fault free when you process the following inbound JSON:
var inboundJSON = {"people": [
{"name": "Joel", "address": "badStuff();", "phone": "911"}
]
};

someObject.innerHTML = inboundJSON.people[0].address;

When "someobject", or the target element, is a script, the above statement becomes vulnerable, because innerText will execute anything that goes inside the script tag.