Closed Bug 362235 Opened 18 years ago Closed 14 years ago

don't parse <script/xss> as a script tag

Categories

(Core :: DOM: HTML Parser, defect)

x86
Windows XP
defect
Not set
normal

RESOLVED INVALID

People

(Reporter: BijuMailList, Unassigned)

Details

(Keywords: testcase)

Attachments

(1 file)

Currently Firefox treats

<p>some content</p>
<script/xss src="data:,alert('should not see alert')"></script>
<p>some other content</p>

as if it was

<p>some content</p>
<script src="data:,alert%28%27should%20not%20see%20alert%27%29"></script>
<p>some other content</p>

To reduce XSS, if there is an invalid node name character in any TAG, please display the TAG as text.

<p>some content</p>
&lt;script/xss src="data:,alert('should not see alert')"&gt;
<p>some other content</p>

see attachment script_tag_xss.html

PS: close this bug if it is against HTML sec.
Attached file script_tag_xss.html
credits http://ha.ckers.org/xss.html
Assignee: nobody → mrbkap
Component: Layout → HTML: Parser
QA Contact: layout → parser
What do other browsers do?
(In reply to comment #3)
> What do other browsers do?

same, as per http://ha.ckers.org/xss.html

I tried it in IE, got same result
you can test it at
http://www.w3schools.com/html/tryit.asp?filename=tryhtml_basic
using
<SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT>

Assignee: mrbkap → nobody
Summary: dont process <script/xss → don't parse <script/xss> as a script tag
Per HTML5, the <SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT> must be treated equivalently to <SCRIPT XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT>.

> PS: close this bug if it is against HTML sec.

Marking invalid.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → INVALID
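
Added example, not part of the bug thread or of Mozilla's code: the markup from the report run through Python's standard-library `html.parser`, whose tokenizer also ends the tag name at `/`, next to a pattern check that expects whitespace or `>` after `script`. The names `NAIVE_SCRIPT_RE`, `ScriptFinder` and `find_scripts` are hypothetical, and the sample string is constructed from the report.

```python
import re
from html.parser import HTMLParser

# Constructed sample: the markup quoted in the report.
SAMPLE = (
    "<p>some content</p>\n"
    "<script/xss src=\"data:,alert('should not see alert')\"></script>\n"
    "<p>some other content</p>\n"
)

# Hypothetical blocklist check that expects whitespace or '>' after the name.
NAIVE_SCRIPT_RE = re.compile(r"<script[\s>]", re.IGNORECASE)


def naive_finds_script(markup):
    """Return True if the pattern-based check notices a script tag."""
    return NAIVE_SCRIPT_RE.search(markup) is not None


class ScriptFinder(HTMLParser):
    """Record the attributes of every start tag tokenized as 'script'."""

    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        # The tokenizer ends the tag name at '/', so "script/xss" arrives
        # here as tag "script" with a valueless attribute "xss".
        if tag == "script":
            self.scripts.append(dict(attrs))


def find_scripts(markup):
    """Return one attribute dict per script element a parser would see."""
    finder = ScriptFinder()
    finder.feed(markup)
    finder.close()
    return finder.scripts


if __name__ == "__main__":
    print("pattern check flags script:", naive_finds_script(SAMPLE))
    print("parser sees script tags:  ", find_scripts(SAMPLE))
```

Because the browser's behaviour here is the specified one, output filtering has to decide what to escape from a parser's view of the markup, not from a pattern over the raw text.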