Fix XSS vulnerability in origin save
Related: #1690 (closed), "Added client side xss filter"
The save code is currently vulnerable to an XSS attack.
Steps to reproduce:
1. Remove the validation from the client side (with dev tools).
2. Enter this URL in the origin URL field: `https://github.com/%3Cscript%3Ealert(document.domain);%3C/script%3E`
We should add more validation on the server side to prevent such URLs from entering the database.
For server-side validation, I was thinking of rejecting the regexes `/.(%3C).(%3E)/` and `/.(javascript:)./`. There may be a few more cases we need to take care of.
Or should we check whether the URL returns 200 before entering it into the table?
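One way to do the server-side validation discussed above, as an added example and not the project's own code. The function names (`validate_origin_url`, `is_valid_origin_url`, `render_origin_link`), the http/https scheme allowlist and the 2048-byte length cap are assumptions made for this example. Rather than a denylist regex for `%3C`/`%3E` (which a differently encoded or double-encoded URL could slip past), it allowlists the raw characters, parses the URL, and checks the fully percent-decoded value for markup; it also shows the output-side escaping that is the actual fix for XSS, with validation as defence in depth.

```python
"""Server-side origin URL validation plus output escaping (added example).

Assumes the save endpoint calls validate_origin_url() before persisting the
value and that the value is rendered through render_origin_link() (or an
auto-escaping template) when displayed. Names and thresholds are assumptions.
"""
import html
import re
from urllib.parse import unquote, urlsplit

# Assumption: origins are only ever fetched over HTTP(S).
ALLOWED_SCHEMES = {"http", "https"}
MAX_URL_LEN = 2048  # assumed cap

# Characters a URL may contain per RFC 3986 (unreserved + reserved + '%').
# Raw '<', '>', '"', whitespace and control characters are excluded here.
_SAFE_URL_CHARS = re.compile(r"^[A-Za-z0-9\-._~:/?#\[\]@!$&'()*+,;=%]*$")
# DNS-style host: dot-separated labels of letters, digits and hyphens.
_HOST_RE = re.compile(
    r"^(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)*"
    r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$"
)
# Markup and control characters that must not survive percent-decoding.
_MARKUP_RE = re.compile(r'[<>"\x00-\x1f]')


class InvalidOriginUrl(ValueError):
    """Raised when a submitted origin URL fails validation."""


def _fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode until stable so %253C (double-encoded '<') is caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def validate_origin_url(url: str) -> str:
    """Return the URL unchanged if acceptable, else raise InvalidOriginUrl."""
    if not isinstance(url, str) or not url or len(url) > MAX_URL_LEN:
        raise InvalidOriginUrl("empty, non-string or too long")
    if not _SAFE_URL_CHARS.match(url):
        raise InvalidOriginUrl("contains characters not allowed in a URL")
    try:
        parts = urlsplit(url)
    except ValueError as exc:  # e.g. malformed IPv6 literal
        raise InvalidOriginUrl(f"unparseable URL: {exc}") from exc
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise InvalidOriginUrl(f"scheme not allowed: {parts.scheme!r}")
    if not parts.hostname or not _HOST_RE.match(parts.hostname):
        raise InvalidOriginUrl("missing or malformed host")
    if parts.username or parts.password:
        raise InvalidOriginUrl("credentials in URL are not allowed")
    if _MARKUP_RE.search(_fully_decode(url)):
        raise InvalidOriginUrl("decoded URL contains markup or control characters")
    return url


def is_valid_origin_url(url: str) -> bool:
    """Boolean convenience wrapper around validate_origin_url()."""
    try:
        validate_origin_url(url)
        return True
    except InvalidOriginUrl:
        return False


def render_origin_link(url: str) -> str:
    """HTML for an origin link; escaping on output is what stops the XSS
    even if a bad value reaches the database."""
    safe = html.escape(url, quote=True)
    return f'<a href="{safe}">{safe}</a>'


if __name__ == "__main__":
    # Constructed sample inputs, including the URL from the report above.
    for candidate in (
        "https://github.com/python/cpython",
        "https://github.com/%3Cscript%3Ealert(document.domain);%3C/script%3E",
        "https://github.com/%253Cscript%253E",
        "javascript:alert(1)",
    ):
        print(f"{candidate!r}: valid={is_valid_origin_url(candidate)}")
    print(render_origin_link("https://github.com/<script>alert(1)</script>"))
```

The raw-character allowlist rejects a literal `<script>` in the path; the decoded check rejects `%3C...%3E` and the double-encoded `%253C...%253E`; the scheme allowlist rejects `javascript:` without needing a separate pattern for it. Checking that the URL answers 200, as the report also considers, is a liveness check rather than a safety check and does not replace escaping on output.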
Migrated from D1433 (view on Phabricator)