Re: Cross-Site Scripting vulnerability in Mozilla, Firefox and Chrome
I agree completely with mz,
This is just how Firefox works; the data:text/html,base64;somestringinbase64== is just pure functionality. The redirection parameters are not equal to a vulnerability since, as mz said, the attacker could just redirect to his own site.
The best way to defend against any Cross Site Scripting attacks is to sanitize all inputs and outputs properly on your website and perhaps run NoScript as an extra safety precaution as well.
> needed to use data: URI, which will be containing requisite JS code.
> [...] After I informed Mozilla, they declined to fix this vulnerability.
"Refresh" or "Location" redirection in Firefox will not bestow a
security context derived from the referring site upon the executed
Granted, it and also somewhat counterintuitive, as other types of
data: navigation - e.g., link navigation, IFRAMEd content, location.*
updates - do inherit that context.
This means that there is nothing to be gained by redirecting to data:
through www.example.com; he could as well just redirect to his own