#15 ✓ resolved
Jason Garber

filter_html lets through malformed tags

Reported by Jason Garber | July 17th, 2008 @ 10:37 AM | in 4.0

RedCloth.new("<script src=http://ha.ckers.org/xss.js></script", [:filter_html]).to_html

Comes out unfiltered as: "<script src=http://ha.ckers.org/xss.js></script"

A security liability since a browser would handle the malformed script tag.
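One defensive check for this class of bug, added here as an example (it is not RedCloth's code and not part of the ticket): run the string that comes back from the filter through a well-formedness check, and if any tag is left unterminated, escape the whole fragment rather than trusting the filter's output. The function names and the sample input are assumptions made for the example; the sample is the fragment quoted above.

```ruby
require 'cgi'

# Added example, not RedCloth's own code. Works on the HTML string that a
# filter such as RedCloth#to_html with :filter_html hands back, and checks
# that the filter did not let an unterminated tag through.

# True when some '<' never reaches a matching '>' before the end of the
# string or before the next '<' (e.g. the trailing "</script" in this ticket).
def unterminated_tag?(html)
  pos = 0
  while (lt = html.index('<', pos))
    gt = html.index('>', lt + 1)
    next_lt = html.index('<', lt + 1)
    return true if gt.nil? || (next_lt && next_lt < gt)
    pos = gt + 1
  end
  false
end

# Fail closed: if the filtered output is not well-formed, do not trust any
# of it; escape the whole string so the browser renders it as text.
# Escaping only the dangling "</script" would still leave the opening
# <script src=...> tag active, so the whole fragment is neutralised.
def neutralise_if_malformed(html)
  unterminated_tag?(html) ? CGI.escapeHTML(html) : html
end

if __FILE__ == $0
  # Constructed sample: the fragment reported in this ticket, as it came
  # back from the filter unchanged.
  reported = "<script src=http://ha.ckers.org/xss.js></script"
  puts unterminated_tag?(reported)        # true
  puts neutralise_if_malformed(reported)  # &lt;script src=http://ha.ckers.org/xss.js&gt;&lt;/script
  puts neutralise_if_malformed("<p>hello</p>")  # <p>hello</p> (well-formed, untouched)
end
```

The check is deliberately coarse: a bare `<` in running text that happens to be followed later by a `>` is treated as a tag and passes, while a `<` with no closing `>` trips the fail-closed path. For a library whose filter is supposed to guarantee safe markup, that trade-off (occasionally over-escaping) is the right one.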


RedCloth is a Ruby library for converting Textile into HTML
