Firewall Wizards mailing list archives
Re: preventing XSS and SQL injection?
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Thu, 02 Jun 2005 15:03:36 -0400
ArkanoiD wrote:
> Are there any hints on preventing cross-site scripting attacks and SQL injection on proxy firewall by, say, applying some regexps on url data?

Instead of trying to block what is bad, permit only what is good. Can you observe your legitimate traffic and converge forward on a set of regexps that define what "good" looks like? Then deny all else. You might be able to do that in a fairly straightforward manner using Squid proxy cache ACLs.

mjr.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
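
The "permit only what is good, deny all else" approach from the reply above, as an added example that is not part of the original post and is not Squid configuration: a default-deny check of request URLs written in Python. The paths, parameter names and patterns are constructed for a hypothetical application; in practice they would be derived from observed legitimate traffic.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed allowlist (assumption): each permitted path maps to the
# parameters it accepts and the pattern every value must match in full.
ALLOW = {
    "/index.html": {},
    "/catalog/view": {"id": re.compile(r"[0-9]{1,8}")},
    "/catalog/search": {
        "q": re.compile(r"[A-Za-z0-9 ]{1,64}"),
        "page": re.compile(r"[0-9]{1,4}"),
    },
}

# Gate on the raw request-target: only characters seen in legitimate
# traffic, with '%' accepted solely as part of a well-formed escape.
RAW_OK = re.compile(r"(?:[A-Za-z0-9/._?&=+-]|%[0-9A-Fa-f]{2})*")


def permitted(url: str) -> bool:
    """Return True only when the request matches the allowlist."""
    if not RAW_OK.fullmatch(url):
        return False
    parts = urlsplit(url)
    params = ALLOW.get(parts.path)  # path is compared undecoded
    if params is None or parts.netloc:
        return False
    try:
        # parse_qsl decodes escapes once, so rules see the decoded value.
        pairs = parse_qsl(parts.query, keep_blank_values=True,
                          strict_parsing=bool(parts.query))
    except ValueError:
        return False  # malformed query string
    seen = set()
    for name, value in pairs:
        rule = params.get(name)
        # Unknown parameter, repeated parameter, or value outside pattern.
        if rule is None or name in seen or not rule.fullmatch(value):
            return False
        seen.add(name)
    return True
```

No pattern here describes an attack: encoded, double-encoded and unexpected input is refused only because it falls outside what the allowlist defines as good.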