xss

Is there any safe way to keep rest auth token on the client side for SPA?

佐手、 提交于 2019-12-20 02:15:09
问题 If we get token from the rest server and use AuthorizationToken header in every request for authorization, we still need to keep it when the browser's page is closed. The only universal way to do it is to put the token to cookies. But in such way even if the cookies are not used for authentication, they can be stolen by XSS. And we can't use httpOnly flag. So: Are there any other specific ways to protect the token and keep it safe? If HTTPS is used during the whole session and the cookies

Dynamically load JavaScript with JavaScript

拜拜、爱过 提交于 2019-12-20 00:59:27
问题 After over an hour of trying to get it to work I'm thinking it's because of cross domain policies, but I really thought this would work. I can't find a lot of info on it either. But, here is my issue. I have a site called http://mysite.com and then I include a 3rd party script (what im writing) and its at http://supercoolsite.com/api/script.js and this script needs to dynamically load the google maps api at: http://maps.google.com/maps/api/js?sensor=false before it runs. Well, i figured this

web安全

时光总嘲笑我的痴心妄想 提交于 2019-12-19 23:08:35
web安全 安全测试 安全测试 Burpsuite/Fiddler/Charlesproxy Httpfox/Hackbar/User Agent Switcher/Poster Curl Sqlmap 入侵演练 DVWA/WebGoatWebGoat 反病毒 clamAV、Rootkit Hunter 漏洞扫描 openvas、nessus、appscan、wvs、netsparker 入侵检测 AIDE/tripwire 前端漏洞 任意重定向; 点击劫持; XSS; CSRF; 任意重定向 Web应用程序经常将用户重定向和转发到其他网页和网站,并且利用不可信的数据去判定目的页面。 如果没有得到适当验证,攻击者可以重定向受害用户到钓鱼软件或恶意网站,或者使用转发去访问未授权的页面。 危害:钓鱼过 URL安全扫描 数据泄露 限制重定向范围(白名单) t.cn,内部引入URL安全扫描(黑名单) <?php //某厂页面 header(‘location:’.$_GET[‘url’]); <?php $urlData = parse_url($_GET['url']); if(substr($urlData['host'],-10) =='.baidu.com') { header('location:'.$_GET['url']); } 点击劫持 点击劫持,clickjacking

Client DOM Open Redirect for javascript

荒凉一梦 提交于 2019-12-19 11:47:20
问题 I'm getting Client DOM Open Redirect security issue on scan for the following piece of code. The issue shows up where I'm initializing the variables 'myPath' and 'myHost'. I'm not able to understand how is that open to phising attack and how do I fix it. Could anyone please help? var query = this.value; var myPath = window.location.href.substring(window.location.href.indexOf("/myapp"), window.location.href.indexOf(".html")); var myHost = window.location.href.substring(0, window.location.href

Protection against CSRF and XSS (Hashing + Encrypting)

痞子三分冷 提交于 2019-12-19 04:11:01
问题 Security. Today, no application can survive the internet if it does not have proper security programmed into it - either by the framework used by the developer, or by the developer himself. I am currently developing a RESTful API to work using Bearer token authentication but have been reading about XSS and CSRF attacks. Question 1) From what I've read, I see that applications consuming RESTful APIs that use token-based authentication are vulnerable to XSS and not CSRF if the token is stored

How to exploit HTTP header XSS vulnerability?

不羁的心 提交于 2019-12-19 04:07:46
问题 Let's say that a page is just printing the value of the HTTP 'referer' header with no escaping. So the page is vulnerable to an XSS attack, i.e. an attacker can craft a GET request with a referer header containing something like <script>alert('xss');</script> . But how can you actually use this to attack a target? How can the attacker make the target issue that specific request with that specific header? 回答1: This sounds like a standard reflected XSS attack. In reflected XSS attacks, the

Remove XSS attacks while still allowing html?

一笑奈何 提交于 2019-12-19 03:43:35
问题 Ok, now I have a dilemma, I need to allow users to insert raw HTML but also block out all JS - not just script tags but from the href etc. at the moment, all I know of is htmlspecialchars($string, ENT_QUOTES, 'UTF-8'); But this also converts valid tags into encoded characters. If I use striptags, it also doesn't work as it removes tags! (I know that you can allow tags but the thing is if I allow any tags such as <a></a> people can add malicious JS to it. Is there anything I can do to allow

Synchronous cross sub-domain POST request with jQuery

跟風遠走 提交于 2019-12-19 03:13:46
问题 I'm trying to do a cross domain POST request and have hit a wall (or two). I can't put a proxy page on the server - so that is not an option. I have researched getJSON, which works great except that I need to POST not GET. Is it possible to do this? If it is not , can someone explain to me how getJSON works and why I cannot make a POST alternative. 回答1: You CANNOT make a cross-domain request (GET / POST / etc.) with an XMLHttpRequest (aka AJAX). What you can do, when the server supports it,

Prevent HTML form action from being changed

耗尽温柔 提交于 2019-12-18 15:54:47
问题 I have a form on my page where users enter their credit card data. Is it possible in HTML to mark the form's action being constant to prevent malicious JavaScript from changing the form's action property? I can imagine an XSS attack which changes the form URL to make users posting their secret data to the attacker's site. Is it possible? Or, is there a different feature in web browsers which prevents these kinds of attacks from happening? 回答1: This kind of attack is possible, but this is the

What makes JSFiddle secure from XSS based attacks? [closed]

。_饼干妹妹 提交于 2019-12-18 12:47:46
问题 Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 5 months ago . I am curious, what makes www.jsfiddle.net secure from XSS based attacks? They have a support for accounts so clearly any script they run on the browser may do evil things. 回答1: If you look at the results pane for a fiddle you'll notice that it's actually an IFRAME pointing to a different domain which means that
订阅 xss