Exploring the DOMPurify library: Bypasses and Fixes (1/2). Tags:Article - Article - Web - mXSS
title: Exploring the DOMPurify library: Bypasses and Fixes (1/2) date: Nov 17, 2024 tags: Article Web mXSS 📜 Introduction 🔍 How does client-side HTML sanitizer works? ❓ Why are mutation XSS (mXSS) possible? ▶️ DOMPurify 3.1.0 bypass (found by @IceFont 👑) Node flattening HTML Parsing states Proof Of Concept ⏩ DOMPurify 3.1.1 bypass DOMPurify 3.1.0 fix DOM Clobbering issue Proof Of Concept ⏭️ DOM
Polyfill supply chain attack hits 100K+ sites
by Sansec Forensics Team Published in Threat Research − June 25, 2024 The new Chinese owner of the popular Polyfill JS project injects malware into more than 100 thousand sites. Update June 28th: We are flagging more domains that have been used by the same actor to spread malware since at least June 2023: bootcdn.net, bootcss.com, staticfile.net, staticfile.org, unionadjs.com, xhsbpza.com, union.m
CVE-2024-4367 - Arbitrary JavaScript execution in PDF.js — Codean Labs
This post details CVE-2024-4367, a vulnerability in PDF.js found by Codean Labs. PDF.js is a JavaScript-based PDF viewer maintained by Mozilla. This bug allows an attacker to execute arbitrary JavaScript code as soon as a malicious PDF file is opened. This affects all Firefox users (<126) because PDF.js is used by Firefox to show PDF files, but also seriously impacts many web- and Electron-based a
Release Release v0.28.0 · axios/axios
Release notes: Bug Fixes fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091) Backports from v1.x: Allow null indexes on formSerializer and paramsSerializer v0.x (#4961) Fixing content-type header repeated #4745 Fixed timeout error message for HTTP 4738 Added axios.formToJSON method (#4735) URL params serializer (#4734) Fixed toFormData Blob issue on node>v17 #47
フロントエンド開発のためのセキュリティ入門 知らなかったでは済まされない脆弱性対策の必須知識 | 翔泳社
Webアプリケーションの堅牢化に欠かせない知識を凝縮! セキュリティ学習のスタートに最適の一冊! 本書は、安全なWebアプリケーションを開発するための基本知識を、フロントエンドエンジニア向けに解説したセキュリティの入門書です。 これまでWebアプリケーションの開発で、セキュリティは「バックエンドの仕事」というイメージの強い領域でした。しかし、アプリケーションの安全性を高めるためには、フロントエンドエンジニアにも、セキュリティの基礎知識や具体的な対策の実践が求められます。 本書では、Webセキュリティの必須知識である「HTTP」「オリジン」などの基礎トピックや、「XSS」「CSRF」といったフロントエンドを狙ったサイバー攻撃の仕組みを、サンプルアプリケーションを舞台にしたハンズオンで学びます。 もちろん、攻撃からユーザーを守る防御の手法もしっかりおさえます。個々の攻撃手法に応じた対策のほか、
JavaScript for hackers
PortSwigger researcher Gareth Heyes is probably best known for his work escaping JavaScript sandboxes, and creating super-elegant XSS vectors. In his spare time he likes to create interative 3D rooms and games in pure CSS and can be often found posting about it and experimenting on his web site garethheyes.co.uk. Gareth is a father to two wonderful girls and husband to an amazing wife, as well as
What is a realm in JavaScript?
What is a realm in JavaScript? 28 Oct 2022 As part of my long term research around browser JavaScript security, in the past year I have been focusing specifically on security for realms ⭐️. Due to the rise of dependencies-based development, the JavaScript ecosystem (and the browser JavaScript ecosystem in particular) is far more vulnerable to what we know as “supply chain attacks” - and the abilit
Secure JavaScript URL validation | Snyk
ProductsProducts What is Snyk? Developer-first security in action
Building secure web apps using Web Workers | Mercari Engineering
Security is paramount for our users, and we at mercari strive to provide a snappy and safe platform. We recently introduced an additional layer of defence by adding Web Workers to secure the access token. It now protects the users from various kinds of attacks, including token theft from Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), prototype pollution, zero-day npm package vulner
SPAセキュリティ超入門 | ドクセル
スライド概要 SPA(Single Page Application)の普及が一層進んでおり、従来型のMPAを知らないウェブ開発者も生まれつつあるようです。SPA対応のフレームワークでは基本的な脆弱性については対策機能が用意されていますが、それにも関わらず、脆弱性診断等で基本的な脆弱性が指摘されるケースはむしろ増えつつあります。 本セッションでは、LaravelとReactで開発したアプリケーションをモデルとして、SQLインジェクション、クロスサイトスクリプティング、認可制御不備等の脆弱性の実例を紹介しながら、現実的な対策について紹介します。LaravelやReact以外のフレームワーク利用者にも役立つ説明を心がけます。 PHPカンファレンス2022での講演資料です。 PHPカンファレンスでの動画URL https://www.youtube.com/watch?v=jZ6sWyGxcCs
GitHub - Shopify/remote-dom
Remote DOM lets you take a tree of DOM elements created in a sandboxed JavaScript environment, and render them to the DOM in a different JavaScript environment. This allows you to isolate potentially-untrusted code off the main thread, but still allow that code to render a controlled set of UI elements to the main page. The easiest way to use Remote DOM is to synchronize elements between a hidden
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
CVE-2024-51757 - GitHub Advisory Database
Blog: Enabling Trusted Types in a Complex Web Application: A Case Study of AppSheet
Ajv JSON schema validator
CVE-2022-46175 - GitHub Advisory Database
我從 DiceCTF 2022 中學到的各種 JS 與前端冷知識
GitHub - LavaMoat/snow: Use Snow to finally secure your web app's same origin realms!
Naked Security – Sophos News
GitHub - gzuidhof/coi-serviceworker: Cross-origin isolation (COOP and COEP) through a service worker for situations in which you can't control the headers (e.g. GH pages)
Hostname spoofing via backslashes in URL