Kalpit Kothari authored
Summary: Related T1690 Added client side xss filter

> Save code now is vulnerable to XSS attack.
>
> Steps to reproduce-
>
> Remove the validation from client side (with dev tools)
> Enter this url in origin url
>
> https://github.com/%3Cscript%3Ealert(document.domain);%3C/script%3E
>
> We should add more validations at the server side to prevent such urls from entering into the database. For server side validations, I was thinking of preventing regex /.*(%3C).*(%3E)/ and /.*(javascript:).*/ There may be a few more cases we need to take care of. Or should we check if the url returns 200 or not before entering it to the table.

Reviewers: #reviewers, anlambert
Reviewed By: #reviewers, anlambert
Subscribers: anlambert, vlorentz
Differential Revision: https://forge.softwareheritage.org/D1433
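As an added example (not code from this revision or from swh-web), a server-side check for the origin URL field discussed in the message above, written as an allowlist of schemes plus a scan of the fully percent-decoded value rather than the two denylist regexes proposed; the allowed scheme set and decoding depth are assumptions. Escaping the URL when it is rendered stays the primary XSS defence; this check only keeps such values out of the table.

```python
import re
from urllib.parse import unquote, urlparse

# Assumed set of schemes the "save code now" form should accept.
ALLOWED_SCHEMES = {"http", "https", "git", "svn", "hg", "ftp"}

# Markup delimiters and control characters have no place in an origin URL.
_FORBIDDEN = re.compile(r"""[<>"'\x00-\x1f\x7f]""")


def fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode until stable so %253C (double-encoded '<') is seen as '<'."""
    for _ in range(rounds):
        nxt = unquote(value)
        if nxt == value:
            break
        value = nxt
    return value


def is_safe_origin_url(url: str, max_len: int = 2048) -> bool:
    """Return True only for a plausible repository URL with an allowed scheme."""
    if not url or len(url) > max_len:
        return False
    decoded = fully_decode(url).strip()
    # Rejects the %3Cscript%3E payload whether encoded once, twice or not at all.
    if _FORBIDDEN.search(decoded):
        return False
    parsed = urlparse(decoded)
    # Allowlisting schemes also covers javascript:, JavaScript:, data:, vbscript: ...
    if parsed.scheme.lower() not in ALLOWED_SCHEMES:
        return False
    # A repository URL must name a host.
    return bool(parsed.netloc)
```

Doing a server-side fetch to test for a 200 response, as the message also considers, would let a submitted URL drive requests from the server, so the check above does not depend on reachability.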