XSS sanitization

Posted: Sun Jul 19, 2009 3:22 pm
by Alan Baxter
I'm curious about a particular XSS sanitization. Why is %22#1339542234582004198 appended to the URL? Why that particular number? Enquiring minds want to know.

[NoScript XSS] Sanitized suspicious request. Original URL [http://blogs.zdnet.com/microsoft/?p=527%22] requested from [http://boycottnovell.com/2007/12/03/]. Sanitized URL: [http://blogs.zdnet.com/microsoft/?p=527%22%22#1339542234582004198].
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.1) Gecko/20090715 Firefox/3.5.1
Default theme, no other extensions
NoScript 1.9.6 default settings plus the following whitelisted sites:
cnet.com
com.com
yahooapis.com
zdnet.com

Load http://boycottnovell.com/2007/12/03/
Click on the link titled "Beware of undisclosed Microsoft patches"
The resulting page has the XSS sanitization.

Re: XSS sanitization

Posted: Sun Jul 19, 2009 3:47 pm
by therube
I don't get any XSS message?
Anyhow, I believe the "#" is a randomly generated "tag"?

OK, if I Allow zdnet.com, I get the XSS message.

My "tag" is different:

[NoScript XSS] Sanitized suspicious request. Original URL [http://blogs.zdnet.com/microsoft/?p=527%22] requested from [http://boycottnovell.com/2007/12/03/]. Sanitized URL: [http://blogs.zdnet.com/microsoft/?p=527%22%22#7444142728524984407].
There is probably some security reason for it being random.