Ashesh

Reputation: 71

Is my code vulnerable to XSS?

I have my website https://xx.com/guides

When I scan my website I get this:

Issue detail: The application may be vulnerable to DOM-based cross-site scripting. Data is read from window.location.href and written to $() via the following statement:

   $('.page-sidebar a[href="' + window.location.href + '"]')
       .addClass('selected')

Maybe it's caused by this code:

<script>
$(function() {
    $('.page-sidebar a[href="' + window.location.href + '"]').addClass('selected')
})
</script>

I tried to generate a POC https://xx.com/guides?"]);alert(2) but still no luck

  1. My browser has disabled XSS filtering
  2. I am certain that DOM XSS is possible
  3. I need help generating POC!

Full code: http://pastebin.com/Bs4vuUH3

Upvotes: 0

Views: 486

Answers (2)

Niet the Dark Absol

Reputation: 324820

Considering you seem unable to spell "vulnerable" to save your life, here's an answer that's as simple as I can make it.

Is your code vulnerable? No.

But it's still not a good idea.

Instead, consider something like this - it's more complex, but much more reliable:

$(".page-sidebar a").filter(function() {
    return this.href == window.location.href;
}).addClass("selected");

The reason is, let's say I have this link:

<a href="/">

On this page, that would link to http://stackoverflow.com/. But quite clearly, http://stackoverflow.com/ and / are not at all the same. They would not be found by your code. My code, however, uses fully resolved addresses and will work.

Upvotes: 0
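An added example, not part of either answer or the asker's site code: the resolved-URL comparison from the answer above as a pure function, plus a quoting helper for cases where an attribute selector must still be built from the URL. The function names and the sample links are assumptions constructed for illustration.

```javascript
// Added example: pure functions, so they run in Node or a browser without jQuery.

// Resolve a link's href attribute against the page URL (what the browser
// does for the `this.href` property) and compare it with the page URL.
function isCurrentLink(hrefAttr, pageUrl) {
  let resolved;
  try {
    resolved = new URL(hrefAttr, pageUrl);
  } catch (e) {
    return false; // an unparsable href never matches
  }
  return resolved.href === new URL(pageUrl).href;
}

// Keep only the hrefs that point at the current page.
function selectedLinks(hrefs, pageUrl) {
  return hrefs.filter(function (h) { return isCurrentLink(h, pageUrl); });
}

// Quote a value for a double-quoted CSS attribute selector:
// backslash-escape `\` and `"`, hex-escape control characters.
function cssQuote(value) {
  return '"' + String(value)
    .replace(/[\\"]/g, '\\$&')
    .replace(/[\u0000-\u001f\u007f]/g, function (c) {
      return '\\' + c.charCodeAt(0).toString(16) + ' ';
    }) + '"';
}

// Build the sidebar selector so the URL stays inside the quoted value.
function sidebarSelector(pageUrl) {
  return '.page-sidebar a[href=' + cssQuote(pageUrl) + ']';
}

// Constructed sample data (not from the asker's site).
const page = 'https://xx.com/guides';
const links = ['/guides', 'https://xx.com/guides', '/', 'guides#top', 'http://'];

console.log(selectedLinks(links, page));
console.log(sidebarSelector('https://xx.com/guides?"]);alert(2)'));
```

In a browser, `CSS.escape()` or jQuery 3's `$.escapeSelector()` can do the quoting step.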

Quentin

Reputation: 944526

No. While you make use of externally inputted data, you never inject it into the DOM.

Upvotes: 1
