Reintroduce the raw html feature securized #22

Open
paradoxxxzero opened this issue Mar 2, 2014 · 3 comments
Comments

@paradoxxxzero
Owner

@paradoxxxzero paradoxxxzero commented Mar 2, 2014

Use a good script stripping method to clean the inserted html to avoid malicious script injection.

http://stackoverflow.com/questions/6659351/removing-all-script-tags-from-html-with-js-regular-expression
and https://github.com/LiftoffSoftware/htmltag/blob/master/htmltag.py#L186

could be a start.

@paradoxxxzero
Owner Author

@paradoxxxzero paradoxxxzero commented Mar 7, 2014

Following a discussion with the GateOne developer, this should be reintroduced as a DCS control rather than the dirty OSC99 hack.
The escape format will be:

\x90;TYPE|CONTENT\x9c

Where TYPE here will be HTML and content the raw html to be stripped.

@paultag

@paultag paultag commented Mar 7, 2014

Ftr my example svg had no script tags
On Mar 7, 2014 4:20 AM, "Mounier Florian" notifications@github.com wrote:

Following a discussion with the GateOne developer, this should be
reintroduced as a DCS control rather than the dirty OSC99 hack.
The escape format will be:

\x90;TYPE|CONTENT\x9c

Where TYPE here will be HTML and content the raw html to be stripped.


@paradoxxxzero
Owner Author

@paradoxxxzero paradoxxxzero commented Mar 11, 2014

Yes, all on* attributes must be removed too.
I was wondering, maybe using an embed tag with a data url should be enough to prevent any exploit?
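One way to implement the two cleaning rules discussed in this thread (drop `<script>` elements with their body, drop every `on*` attribute) on the CONTENT part of the proposed `\x90;TYPE|CONTENT\x9c` control, written here as an added example with Python's standard-library `html.parser`; it is not the project's own code, and the function names are mine.

```python
import html
from html.parser import HTMLParser

DCS, ST = "\x90", "\x9c"  # 8-bit DCS introducer and string terminator

def parse_dcs(seq):
    """Split a \\x90;TYPE|CONTENT\\x9c control into (TYPE, CONTENT); None if malformed."""
    if not (seq.startswith(DCS + ";") and seq.endswith(ST)):
        return None
    type_, sep, content = seq[2:-1].partition("|")
    return (type_, content) if sep else None

class ScriptStripper(HTMLParser):
    """Re-serialise HTML, dropping <script> elements (body included) and on* attributes.
    Comments, doctypes and processing instructions have no handler, so they are dropped too."""
    def __init__(self):
        super().__init__(convert_charrefs=False)  # pass entities through as written
        self.out, self.in_script = [], 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script += 1  # discard everything up to the matching </script>
        elif not self.in_script:
            kept = [(k, v) for k, v in attrs if not k.startswith("on")]  # on* handlers go
            self.out.append("<%s%s>" % (tag, "".join(
                ' %s="%s"' % (k, html.escape(v, quote=True)) if v is not None else " " + k
                for k, v in kept)))

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)  # <br/> and friends serialised as start tags

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = max(0, self.in_script - 1)
        elif not self.in_script:
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        if not self.in_script:
            self.out.append(data)
    def handle_entityref(self, name):
        self.handle_data("&%s;" % name)
    def handle_charref(self, name):
        self.handle_data("&#%s;" % name)

def sanitize_html(raw):
    """Constructed input such as '<b onclick="x()">hi</b>' comes back as '<b>hi</b>'."""
    p = ScriptStripper()
    p.feed(raw)
    p.close()
    return "".join(p.out)
```

Stripping only scripts and `on*` attributes is a blocklist, so it leaves other active content (for example `javascript:` URLs in `href`/`src`) untouched; an allowlist of permitted tags and attributes is the more robust shape for the final filter.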
