WebApp Sec mailing list archives
Re: [WEB SECURITY] Seeking feedback on proposed security restriction in the browsers
From: Amit Klein <aksecurity () gmail com>
Date: Fri, 17 Aug 2007 11:49:16 +0200
Jeremiah Grossman wrote:
For one, it doesn't fully handle situations in which the XSS payload can write compromised data to another (publicly accessible, or at least attacker accessible) part of the site. For example, an XSS payload may take the cookie value and "store" it in another part of the site, such as a page to where comments can be submitted. The attacker then only needs to frequently poll this section of the site and collect the data.According to my understanding of content restrictions, this would depend on:
But these restrictions were not mentioned in the original posting...
1) The policy allowing the code to execute from wherever it echoed.
Ah, but with this restriction, XSS would not be possible in the first place (in that specific plication)...
2) The policy allowing document.cookie
Right.
of course, nothing says that a website would have such a policy or that its written well... but the spec should be able to accommodate this restriction.
Indeed. -Amit ------------------------------------------------------------------------- Sponsored by: Watchfire The Twelve Most Common Application-level Hack AttacksHackers continue to add billions to the cost of doing business online despite security executives' efforts to prevent malicious attacks. This whitepaper identifies the most common methods of attacks that we have seen, and outlines a guideline for developing secure web applications. Download today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008rSe --------------------------------------------------------------------------
Current thread:
- Re: [WEB SECURITY] Seeking feedback on proposed security restriction in the browsers James Landis (Aug 15)
- <Possible follow-ups>
- Re: [WEB SECURITY] Seeking feedback on proposed security restriction in the browsers Amit Klein (Aug 15)
- Re: [WEB SECURITY] Seeking feedback on proposed security restriction in the browsers Ryan Barnett (Aug 15)
- Re: [WEB SECURITY] Seeking feedback on proposed security restriction in the browsers Amit Klein (Aug 15)
- Message not available
- Re: [WEB SECURITY] Seeking feedback on proposed security restriction in the browsers Amit Klein (Aug 15)
- Message not available