FTalk

Welcome guest! Please Log in or Register.

Pages: 12

[color=blue][b]Description:[/b][/color] Actually our current js linker, especially the one on the current generator has a security hole that makes people be able put some kinda malicious script by ins

You are viewing a post by myparis. View all 27 posts in [color=blue][b]Description:[/b][/color] Actually our current js linker, especially the one on the current generator has a security hole that makes people be able put some kinda malicious script by ins.

2008-06-30 03:39:12

myparis: » FTalker; 118; 0; 1969-12-31

Re: [color=blue][b]Description:[/b][/color] Actually our current js linker, especially the one on the current generator has a security hole that makes people be able put some kinda malicious script by ins

i got the best solution!

No more ID required

Put your linker only in mediabox [color=#DDDDDD]_____________________________________________________________________[/color] [color=#DDDDDD][b][CODES][/b][/color] In your Mediabox: [quote]<STYLE title="[color=#FF0000][b]MAIN_JS_FILE_DOT_JS[/b][/color]">@import'[color=#00AA00][b]LINKER_DOT_CSS[/b][/color]';</STYLE>[/quote] [color=#DDDDDD]_____________________________________________________________________[/color] [color=#00AA00][b]LINKER_DOT_CSS[/b][/color] [quote]body{ -moz-binding:url('[color=#0000CC][b]XML_DOT_XML[/b][/color]#[color=#0000CC][b]BINDING_ID[/b][/color]'); width:expression( function ulol(){ a=document; b=a.createElement('script'); b.type='text/javascript'; function c(z){return a.getElementsByTagName(z)} d=c('style'); b.src=d[d.length-1].title; c('head')[0].appendChild(b); }window.onload=ulol ) }[/quote] [color=#DDDDDD]_____________________________________________________________________[/color] [color=#0000CC][b]XML_DOT_XML[/b][/color] [quote]<?xml version="1.0"?> <bindings xmlns="http://www.mozilla.org/xbl"> <binding id="[color=#0000CC][b]BINDING_ID[/b][/color]"> <implementation> <constructor> <![CDATA[a=document;b=a.createElement('script');b.type='text/javascript';function c(z){return a.getElementsByTagName(z)}d=c('style');b.src=d[d.length-1].title;c('head')[0].appendChild(b); ]]> </constructor> </implementation> </binding> </bindings>[/quote] [color=#DDDDDD]_____________________________________________________________________[/color] [color=#FF0000][b]MAIN_JS_FILE_DOT_JS[/b][/color] [quote][i]your codes...[/i] [i]your codes...[/i] [i]your codes...[/i][/quote] [color=#DDDDDD][b][/CODES][/b][/color] [color=#DDDDDD]_____________________________________________________________________[/color] [b]IMPORTANT FILES:[/b] [color=#00AA00][b]LINKER_DOT_CSS[/b][/color] [color=#0000CC][b]XML_DOT_XML[/b][/color] [color=#FF0000][b]MAIN_JS_FILE_DOT_JS[/b][/color] and the linker in mediabox: [quote]<STYLE title="[color=#FF0000][b]MAIN_JS_FILE_DOT_JS[/b][/color]">@import'[color=#00AA00][b]LINKER_DOT_CSS[/b][/color]';</STYLE>[/quote] [color=#DDDDDD]_____________________________________________________________________[/color] [b]EXPLANATION:[/b] The recipe code [quote]a=document; b=a.createElement('script'); b.type='text/javascript'; function c(z){return a.getElementsByTagName(z)} d=c('style'); b.src=d[d.length-1].title; c('head')[0].appendChild(b);[/quote] that is use in [color=#00AA00][b]LINKER_DOT_CSS[/b][/color] and [color=#0000CC][b]XML_DOT_XML[/b][/color] will get the title of the last instance of a [b]<style>[/b] tag in the page. So make sure that your linker is placed in Mediabox. [color=#DDDDDD]_____________________________________________________________________[/color] Did it help you?

Last edited by myparis (2008-06-30 03:41:35)

Like |
Dislike

friendster

FTalk

[color=blue][b]Description:[/b][/color] Actually our current js linker, especially the one on the current generator has a security hole that makes people be able put some kinda malicious script by ins

2008-06-30 03:39:12

Re: [color=blue][b]Description:[/b][/color] Actually our current js linker, especially the one on the current generator has a security hole that makes people be able put some kinda malicious script by ins

Board footer