Chillax

Reputation: 4698

XSS Vulnerabilities for HTML link tags

The security team ran a vulnerability check on my website, which is showing a lot of XSS vulnerabilities.

All the vulnerabilities can be categorized into the three below:

Script include after double quote: For the link tags, it shows that a script can be added after the double quote of an href attribute as below:

<link rel = "canonical" href="http://www.unitedforever/about/alliance/?"><script src=as213eS.js>

A tag after double quote:

<link rel = "canonical" href="http://www.unitedforever/about/alliance/?"<a href=javascript:alert(12312)>aa</a>

SVG tag after double quote:

<link rel = "canonical" href="http://www.unitedforever/about/alliance/?"><svg onload=alert(12321)>

Googling didn't help much on how to prevent these types of vulnerabilities. Any suggestions?

Upvotes: 0

Views: 3308

Answers (1)

Tom

Reputation: 4826

  • Systematically encode data when you include it in the HTML (preferably use a framework that does it for you by default). Encode it according to the context. To include it between two tags, in an attribute, or inside JavaScript, you need to encode it differently. That's why you encode it when you need to use it, not in the database.

  • Use CSP (Content Security Policy) to detect XSS and prevent it from doing too much damage in case you miss something.

Upvotes: 1
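The attribute-context encoding described in the answer above, as an added example that is not part of the original question or answer: it renders the canonical link tag with and without encoding and shows what an HTML parser sees for each of the three reported inputs. The use of Python, the function names and the sample CSP value are assumptions, since the page does not say what the site is built with.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlsplit

BASE = "http://www.unitedforever/about/alliance/?"  # URL from the question
# Constructed inputs modelled on the three scanner findings in the question.
PAYLOADS = ['"><script src=as213eS.js>',
            '"<a href=javascript:alert(12312)>aa</a>',
            '"><svg onload=alert(12321)>']
# Sample policy (assumption): no inline script or event handlers, same-origin only.
CSP_HEADER = ("Content-Security-Policy",
              "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'")


def canonical_link_unsafe(url):
    """Request data concatenated into the attribute: the pattern the scanner flags."""
    return '<link rel="canonical" href="' + url + '">'


def canonical_link(url):
    """Encode for the HTML attribute context at the moment of output."""
    if urlsplit(url).scheme not in ("http", "https"):
        raise ValueError("canonical URL must be http or https")
    # quote=True also escapes " and ', so the value cannot close the attribute.
    return '<link rel="canonical" href="{}">'.format(html.escape(url, quote=True))


class _Tags(HTMLParser):
    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, attrs))


def parsed_tags(markup):
    """Return the start tags (name, attributes) an HTML parser sees in the markup."""
    parser = _Tags()
    parser.feed(markup)
    return parser.tags


if __name__ == "__main__":
    for p in PAYLOADS:
        print(parsed_tags(canonical_link_unsafe(BASE + p)))
        print(parsed_tags(canonical_link(BASE + p)))
```

With encoding, the parser sees a single `link` element whose `href` is the whole input string; the same check can be kept as a regression test for the template that emits the tag.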
