This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

User talk:Jeff Williams

From OWASP
Revision as of 19:43, 5 November 2009 by Jeff Williams (talk | contribs)

Jump to: navigation, search

Injecting DOWN
The less common way to perform XSS injection is to introduce a code subcontext without closing the current context. For example, if you change <img src="...UNTRUSTED DATA HERE..." /> to <img src="javascript:alert(1)" /> you do not have to escape the HTML attribute context. Instead, you introduce context that allows scripting within the src attribute. Another example is the expression() functionality in CSS properties. Even though you may not be able to escape a quoted CSS property to inject up, you may be able to introduce something like xss:expression(document.write(document.cookie)) without ever leaving the current context.
Retrieved from "https://wiki.owasp.org/index.php?title=User_talk:Jeff_Williams&oldid=72708"