Bugtraq mailing list archives

Re: recent 'cross site scripting' CERT advisory

From: mikael.olsson () ENTERNET SE (Mikael Olsson)
Date: Wed, 9 Feb 2000 08:29:11 +0100


Taneli Huuskonen wrote:


Now, if trusted.com's
webserver refused to serve anything else but the index page unless the
Referer: field contained a trusted.com URL, this attack would be foiled.

Now, is there a way to trick a browser into lying about the referrer?


According to
http://www.securiteam.com/securitynews/DHTML_makes_HTTP_REFERER_an_unreliable_sanity_check.html

it is possible for DHTML to lie about the referer.

(I believe this was originally a post here on Bugtraq, but I might
be wrong; could be some other mailing list I'm on too..)

/Mike

--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 105 50           Fax: +46 (0)660 122 50
Mobile: +46 (0)70 248 00 33
WWW: http://www.enternet.se        E-mail: mikael.olsson () enternet se

Current thread:

recent 'cross site scripting' CERT advisory, (continued)
- - - recent 'cross site scripting' CERT advisory Tim Hollebeek (Feb 04)
    - Re: recent 'cross site scripting' CERT advisory Marc Slemko (Feb 05)
    - Re: recent 'cross site scripting' CERT advisory Manuel Martin (Feb 08)
    - Novell BorderManager 3.5 Remote Slow Death Chicken Man (Feb 08)
    - Re: Novell BorderManager 3.5 Remote Slow Death Ron van Daal (Feb 09)
    - Re: Novell BorderManager 3.5 Remote Slow Death Puchatek (Feb 11)
    - Re: recent 'cross site scripting' CERT advisory Bill Thompson (Feb 06)
    - Re: recent 'cross site scripting' CERT advisory Ari Gordon-Schlosberg (Feb 07)
    - Re: recent 'cross site scripting' CERT advisory Taneli Huuskonen (Feb 07)
    - Re: recent 'cross site scripting' CERT advisory Peter W (Feb 08)
    - Re: recent 'cross site scripting' CERT advisory Mikael Olsson (Feb 08)
    - Re: recent 'cross site scripting' CERT advisory Henri Torgemane (Feb 08)
    - Re: 'cross site scripting' defenses flynngn () JMU EDU (Feb 06)
    - Microsoft Security Bulletin (MS00-004) Microsoft Product Security (Feb 04)
    - Sprint PCS vulnerable to malicious tags Paul Schreiber (Feb 04)
  - Re: Bypass Virus Checking minus (Feb 03)
- Re: Bypass Virus Checking salme () US IBM COM (Feb 01)
- Re: Bypass Virus Checking Uwe Schurig (Feb 02)
- Re: Bypass Virus Checking Neil Bortnak (Feb 02)
  - Re: Bypass Virus Checking Nick FitzGerald (Feb 03)
- Re: Bypass Virus Checking Winkelmann, Brian (Feb 02)

(Thread continues...)