A Quick Look at Cross Site Scripting - The hidden link
(Page 4 of 6 )

Adding JavaScript code into querystrings is a quite easy stuff to get done, so the same concept is applied to regular links. This is easily deductible, since all of the previous examples presented have manipulated absolute links directly from the location bar. Thus, relative and absolute links within documents or email messages can be tampered too.

An example is useful to properly understand how this technique works:

<a href=”http://www.yourdomain.com/welcomedir/
welcomepage.php?name=<script language=javascript>window.location=’
http://www.evilsite.com’;</script>”>healthy food</a>

If we take a deeper look at the code above listed, we can see clearly what’s going on. Within the regular link, the JavaScript code is inserted to redirect users to a completely different site. The expression seems to be an apparently innocent link, but it’s in fact hiding something else, the JavaScript embedded in the link.

We might send out this link to someone else, so our unworried recipient would click the link to find out a little more about healthy food, and instead being redirected to a different site location, getting something he or she would never expect to see.

Our site’s reputation could be seriously wounded, as we can fairly imagine, if someone is taking care of sending around our URL with the JavaScript code embedded in the link, to numerous recipients. That would result in the nasty redirecting effect previously described. And recipients wouldn’t be happy about it at all!

Having presented the most commonly used Cross Site Scripting techniques, we need to tackle a proper solution to avoid their ugly effects and prevent ourselves from becoming victims of them.

Let’s see how the problem can be solved.

Next: Preventing Cross Site Scripting >>
 

More Security Articles
More By Alejandro Gervasio

Comments On: A Quick Look at Cross Site Scripting

· Woah, the possibilities of this have never crossed my mind. Great article!    · Um, how is this solution better than using such built-in PHP functions as...    · I always use this:<?php/** * Remove slashes, tags and ASCIIZ from GET,...    · You *never* *ever* do something like:echo $_GET['variable'];this does not...    · Hello,I'm the author of the article.Cheers.I totally agree that echoing GET...    · Hello,Because I wrote the article, I must thank you for the comment. It's great...    · Hello again,Also,it's worthy considering that JavaScript embbeded into links, is...    · I don't think this article creates a real scary threat, If you use javascript to...    · Hello,Thank you for commenting on my article. With regard to your comment I must...    · the problem is you're not actually *validating* your input. You're just altering it...    · Thank you for your comments on this article. Well, you're correct when you say the...    · First it need to be noted that no php security scripting will replace a improperly...    · whichever admin reviewed the above scripts i submitted screwed them up.there...    · here is the second one that requires CCISECURITY.PHP<?php####### ...    · here is the third one i mentioned .it is a stand-alone secueirty class providing...    · Thank you for posting this extremely useful set of classes with reference to...    · As I posted before, I greatly appreciate the group of excellent classes you listed...   >>> Post your comment now!