
javascript: / data: URI being bypassed

Posted: Fri Sep 07, 2012 2:09 pm
by therube

Code:

data:image/gif;base64,R0lGODlhLgAtAJEBAAAAAAAAAAAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQJFAABACwAAAAALgAtAAAEzDDISWsFGNjNu8+gJ44WGJJoZ5ppe62ZK8On3NKY7eLaFOsvXk8C0wl/Pl6quCoJSTToU4STKqnR0RGb5V45388WPBUre8ixuekjxo5DLyuAfqvJW00IXuc3/YB8dIGEVYWHf4BJiDmMNVaDjnFafZGFN5WMmG56iJuRloSfdmNsKDmhaqZSRJyoqE6PlK0Uq7Vzp2iLdXhIrHRti72wv5PCG7ZYtMjGrsSzwGTDzSq60syyytGpRc7U132luMWcx6Cpo263ca/j0AARAAAh+QQJCgABACwAAAIALgArAAAExDDISau14OrNZcbA141beIUiqXqoWblr3MZ0iXZ3bQfp2cI62m8Y1AB5w1+RQmQlc8un89kbUa9XFXabxXG/TRt4nPlAkWQuczqVosNUD3s7SSvLN7v9re/z+3uAgn9YdYJ4hzImh0deToRgio+AkmiQX5V5fisumnR/mWOGM5xmbSxGSqVyTKogpFqmbEipsCSdda1Vbbs7PLW1Z1ayPsGNHLipxr3Kv82vwo7Ol7Bht7KRoKvOUN2drtesQGfftsMeEQAAIfkECQoAAQAsAAAAAC4ALQAABMkwyEmrvRIAzHveXqCF5KSBZUqiauu+cCxj5zmrdf2xd5X/vxlwSLThishhKskMrprQUYgoijo71F2QiS2anFwOkqL7ekHGqteTzWi1yifQrd6ExVy7rQm31q2AW4GDOX+EgYZjfYiHZSV7jVKPaCOHRzuJUJdqmXxLlHqDm5BJfaNRZmlPdIVVNK2TdKmSPrCrIqkfr463KCyqZLZTaLu7wGzEr8a0w7IWzLM8yM61y9JdsndXvYtx2824nJjj39PhtKpS5dgiEQAAOw==

javascript: / data: URI being bypassed

FF 15.0.1
new profile
set browser to start up at about:blank
open
type in data: URI
blocked

new window
type in data: URI

accepted

new window
type in data: URI

accepted

load a web page in that window

type in data: URI

blocked

Re: data: URI being bypassed

Posted: Fri Sep 07, 2012 2:21 pm
by therube
maybe there is a timing issue involved?

when you open the new window, you must paste & go, relatively quickly

try again

open new window
wait two seconds
paste & go

blocked

?

Re: javascript: / data: URI being bypassed

Posted: Fri Sep 07, 2012 2:37 pm
by therube
javascript: reacts slightly differently?

javascript:("Hello World!");

Re: javascript: / data: URI being bypassed

Posted: Sat Sep 08, 2012 9:49 am
by Giorgio Maone
I'm not sure why a data: URI representing an image should be blocked.

Re: javascript: / data: URI being bypassed

Posted: Sat Sep 08, 2012 6:43 pm
by therube
The point is that by default data: should be blocked when typed in to the address bar, & it is not (always).

Code:

+ Disabled execution of javascript: and data: URLs typed or
  pasted in the address bar (noscript.allowURLBarJS preference)

Oh, so you're differentiating between URL & URI.

In any case, a data: URL behaves the same.

You can use the phish data: URL linked in here, data: URI & NoScript Icon Indicator. That is where I originally saw the problem. Just figured I'd post some data: that was a bit smaller, & the image worked just as well.
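
Added example, not part of any post in this thread and not NoScript's code: a Node.js sketch of how typed address-bar input can be sorted into javascript:, script-capable data: documents (the phishing case) and passive data: images (the GIF case). The function names, the category labels and the sample URL are assumptions made for illustration.

```javascript
// Added example (Node.js); not NoScript code. All names are hypothetical.
// MIME types that render as a document and can run script when navigated to.
const ACTIVE_TYPES = new Set([
  "text/html", "application/xhtml+xml", "image/svg+xml",
  "text/xml", "application/xml",
]);

// Split a data: URL into media type, base64 flag and decoded bytes.
function parseDataUri(input) {
  const m = /^data:([^,]*),([\s\S]*)$/i.exec(input.trim());
  if (!m) return null;
  const params = m[1].split(";").map((p) => p.trim());
  const isBase64 =
    params.length > 1 && params[params.length - 1].toLowerCase() === "base64";
  const mime = (params[0] || "text/plain").toLowerCase(); // RFC 2397 default
  let bytes;
  if (isBase64) {
    bytes = Buffer.from(m[2], "base64");
  } else {
    try {
      bytes = Buffer.from(decodeURIComponent(m[2]), "utf8");
    } catch (e) {
      bytes = Buffer.from(m[2], "latin1"); // malformed %-escapes: keep raw
    }
  }
  return { mime, isBase64, bytes };
}

// Classify what a typed or pasted address-bar string would load.
function classifyUrlBarInput(input) {
  if (/^\s*javascript:/i.test(input)) return "script";
  const d = parseDataUri(input);
  if (!d) return "not-data";
  if (ACTIVE_TYPES.has(d.mime)) return "active-document";
  if (d.mime === "image/gif") {
    // The declared type is only a label; check the GIF signature too.
    const magic = d.bytes.subarray(0, 6).toString("latin1");
    return magic === "GIF87a" || magic === "GIF89a" ? "passive-image" : "mismatched";
  }
  return d.mime.startsWith("image/") ? "passive-image" : "other";
}

// Constructed sample: a truncated GIF header, not the image from the thread.
const SAMPLE_GIF = "data:image/gif;base64,R0lGODlhAQABAAAAACw=";
```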

Re: javascript: / data: URI being bypassed

Posted: Thu Sep 13, 2012 3:50 pm
by therube
(Might take a bit to load?)
I can paste data: URI & have it bypass the NoScript data: URI blocker.
If I wait a moment, NoScript does block the data: URI, presenting me with the method to allow it, but I know another way :twisted:.

Image

Re: javascript: / data: URI being bypassed

Posted: Sat Oct 06, 2012 12:28 am
by therube
What have I done here, anything, http://tinyurl.com/therube ?

Is clicking the link the same as pasting a data: URI into the address bar & hitting return?
Is pasting the "http:" URL into the address bar & hitting return the same as typing a data: URI into the address bar?


From dslreports.com: detectify: Universal XSS in Opera