Firefox cross-site scripting issue

Thread Rating:

0 Vote(s) - 0 Average
1
2
3
4
5

Thread Modes

Firefox cross-site scripting issue

joelcc Offline

Offline

Member

Posts: 131
Threads: 28
Joined: Jun 2018
Reputation: 3
Location: USA

#12

11-11-2020, 07:33 PM

I am adding to this thread so everyone has the final update.

Since there is a large list of the cross site scripting (see https://portswigger.net/web-security/cro...heat-sheet) that "according to the testing company" can be used against a website through parameters, I ended up blocking all of the parameters by the servercontroller->OnParseParameter. I then wrote code to handle the params that I did want to allow.

This passed the security audit checks so I am moving on.

Find

Reply

« Next Oldest | Next Newest »

Messages In This Thread

Firefox cross-site scripting issue - by joelcc - 10-05-2020, 07:41 PM

RE: Firefox cross-site scripting issue - by joelcc - 10-06-2020, 04:42 PM

RE: Firefox cross-site scripting issue - by joelcc - 10-14-2020, 04:05 PM

RE: Firefox cross-site scripting issue - by kudzu - 10-14-2020, 04:44 PM

RE: Firefox cross-site scripting issue - by zsleo - 10-14-2020, 07:00 PM

RE: Firefox cross-site scripting issue - by Jose Nilton Pace - 10-14-2020, 10:16 PM

RE: Firefox cross-site scripting issue - by joelcc - 10-16-2020, 09:23 PM

RE: Firefox cross-site scripting issue - by Alexandre Machado - 10-19-2020, 07:56 AM

RE: Firefox cross-site scripting issue - by joelcc - 10-19-2020, 03:05 PM

RE: Firefox cross-site scripting issue - by joelcc - 10-26-2020, 01:22 PM

RE: Firefox cross-site scripting issue - by joelcc - 10-27-2020, 04:24 PM

RE: Firefox cross-site scripting issue - by joelcc - 11-11-2020, 07:33 PM

View a Printable Version

Users browsing this thread: 1 Guest(s)