Cross Site Scripting, how safe is it.
Tags: Ajax, Coldfusion, Javascript
This week I had the task of trying to fix a site that was moved to another location, and because the database with the sensitive data remained at another location I had to change the JSON methods that I was using. But I stopped and thought that the amount of work I needed to do just to fix this was too much; there had to be an easier way.
And there was. Now I am sure anyone can correct me if I am wrong, but I am under the impression that Cross Site Script blocking is to stop hackers from hijacking JS code and potentially causing havoc with any data.
In my endeavour to fix the problem at hand quickly, I created a proxy that worked between the client/server to retrieve the data from another domain. Now that was the kicker: I was shocked that I attempted this in the first place, but even more surprised when it actually worked and went straight through all Cross Site Script blocks.
So how was it achieved? Simple: redirect the script to a proxy page on the server, passing the original URL that would normally be blocked, and do a normal HTTP request from the server.
Just because I was lazy enough not to rewrite all the code into WebServices, I was led to this hack.
Now I am not worried about this exploit, as the server code that I use is JSON passed strings and is open to sniffing anyway, so the data is encrypted as a measure. But on the server it has a UID tied to the client's login details and is expired when the user logs out, which means that fail that and you get jack anyway.
But I thought it would be interesting to blog the exploit, as it defeats the purpose of having Cross Site Scripting block in the first place.
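The proxy pattern described above, as an added example that is not code from the original post: the browser sends the cross-domain URL to a page on its own origin, and the server decides whether to fetch it. It is written in JavaScript rather than the site's ColdFusion, and the proxy path, the `url` parameter name and the host names are assumptions made for the illustration.

```javascript
// Added illustration, not the author's ColdFusion code. The proxy path,
// parameter name and host names below are constructed for the example.
const PROXY_PATH = "/proxy.cfm";                      // hypothetical proxy page
const ALLOWED_HOSTS = new Set(["data.example.com"]);  // hypothetical upstream

// Client side: the browser only ever talks to its own origin. The
// cross-domain URL travels as a query parameter to the proxy page.
function buildProxyUrl(targetUrl) {
  return PROXY_PATH + "?url=" + encodeURIComponent(targetUrl);
}

// Server side: decide whether the proxy should fetch the URL it was handed.
// Returns { ok: true, url } or { ok: false, reason }.
function checkProxyTarget(proxyRequestUrl) {
  const query = new URL(proxyRequestUrl, "http://localhost").searchParams;
  const raw = query.get("url");
  if (!raw) return { ok: false, reason: "missing url parameter" };

  let target;
  try {
    target = new URL(raw);  // throws on relative or malformed input
  } catch (e) {
    return { ok: false, reason: "not an absolute URL" };
  }
  if (target.protocol !== "https:" && target.protocol !== "http:") {
    return { ok: false, reason: "scheme not allowed" };
  }
  if (target.username || target.password) {
    return { ok: false, reason: "credentials in URL" };
  }
  // Compare the parsed hostname, never a substring of the raw string.
  if (!ALLOWED_HOSTS.has(target.hostname)) {
    return { ok: false, reason: "host not allowed" };
  }
  return { ok: true, url: target.href };
}
```

Only a target that passes `checkProxyTarget` would be handed to the server's HTTP client; everything else is answered with an error instead of being fetched.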