Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sanitize serviceURL parameter #85

Open
Harsh14901 opened this issue Sep 29, 2020 · 2 comments
Open

Sanitize serviceURL parameter #85

Harsh14901 opened this issue Sep 29, 2020 · 2 comments

Comments

@Harsh14901
Copy link
Member

The serviceURL parameter is currently vulnerable to XSS attacks. If you click HERE then after logging in you will see your CASI node session cookies being displayed in the alert box.

Note: The CASI tokens are httpOnly hence they are immune to XSS attacks.
@bicycleman15
Copy link
Member

Has this been implemented ? @Harsh14901
Should I close this ?

@Harsh14901
Copy link
Member Author

No, I haven't found a completely reliable solution for this yet. We could either add a regex check to the serviceURL parameter but I am not sure if that could also be circumvented by the attacker or not. (As we do in CTF challenges :P)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bicycleman15 @Harsh14901