The OWASP XSS Prevention Worksheet recommends "URL escape before inserting untrusted data into HTML URL parameter values".
I don't understand how someone could break out of a URL context or inject a new subcontext to perform a XSS attack in a URL. As the browser interprets the URL, can certain characters be used to terminate the processing of the URL and force the browser to start processing a new injected URL?
http://ift.tt/1BdGeq0 character>javascript:;alert("hello")
Can someone please provide examples of how someone would perform an XSS injection in a URL?
Aucun commentaire:
Enregistrer un commentaire