
Fix xss vulnerability in origin save

Related: #1690 (closed) "Added client side xss filter"

The save code is currently vulnerable to an XSS attack.

Steps to reproduce:

1. Remove the validation from the client side (with dev tools).
2. Enter this URL as the origin URL:

https://github.com/%3Cscript%3Ealert(document.domain);%3C/script%3E

We should add more validation on the server side to prevent such URLs from entering the database.

For server-side validation, I was thinking of rejecting the regexes /.(%3C).(%3E)/ and /.(javascript:)./. There may be a few more cases we need to take care of.

Or should we check whether the URL returns 200 before entering it into the table?


Migrated from D1433 (view on Phabricator)
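An illustration of the server-side check discussed in this issue, added here as an example (not code from the project or from the issue author): instead of a blocklist regex on `%3C`/`%3E`, it allowlists the scheme, requires a host, and rejects HTML-significant characters after percent-decoding, so the encoded payload from the report and its double-encoded variant are both caught; it also escapes the URL on output as defence in depth. `ALLOWED_SCHEMES`, `MAX_URL_LEN` and the sample inputs are assumptions made for this example.

```python
import html
from urllib.parse import urlsplit, unquote

# Allowlist of schemes an origin URL may use (assumption for this example).
ALLOWED_SCHEMES = {"http", "https"}
MAX_URL_LEN = 2048


def is_valid_origin_url(url: str) -> bool:
    """Server-side check for an origin URL before it is stored.

    Allowlists the scheme, requires a host, and rejects HTML-significant or
    control characters after percent-decoding twice, so double-encoded
    variants such as '%253C' are caught as well as '%3C'.
    """
    if not isinstance(url, str) or not url or len(url) > MAX_URL_LEN:
        return False
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. a malformed IPv6 literal in the host part
        return False
    if parts.scheme.lower() not in ALLOWED_SCHEMES or not parts.netloc:
        return False
    decoded = unquote(unquote(url))
    if any(ch in decoded for ch in '<>"\'`'):
        return False
    if any(ord(ch) < 0x20 or ch == "\x7f" for ch in decoded):
        return False
    return True


def render_origin_link(url: str) -> str:
    """Escape a stored URL when echoing it into HTML; input validation alone
    should not be the only thing standing between the database and the page."""
    safe = html.escape(url, quote=True)
    return f'<a href="{safe}">{safe}</a>'


# Constructed sample inputs: the payload from the report plus a few variants.
SAMPLES = {
    "https://github.com/%3Cscript%3Ealert(document.domain);%3C/script%3E": False,
    "https://github.com/%253Cscript%253E": False,  # double-encoded
    "javascript:alert(document.domain)": False,   # scheme not allowlisted
    "https://github.com/python/cpython": True,
}

if __name__ == "__main__":
    for sample, expected in SAMPLES.items():
        assert is_valid_origin_url(sample) is expected, sample
    print(render_origin_link("https://github.com/python/cpython"))
```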
