Inconsistent JS minification can cause differential analysis FPs

Arachni / arachni

Web Application Security Scanner Framework

http://www.arachni-scanner.com

Other

3.72k stars 756 forks source link

Inconsistent JS minification can cause differential analysis FPs #836

Open Zapotek opened 7 years ago

Zapotek commented 7 years ago

CloudFlare tries to minify JS files, but the resulting formatting is inconsistent 2-3% of the time. This rare inconsistency can cause differential analysis FPs if it occurs at the wrong time.

See: http://support.arachni-scanner.com/discussions/problems/4196-false-positives

Elointz commented 7 years ago

Just out of curiosity, could this have been CloudBleed?

Zapotek commented 7 years ago

@Elointz I don't think so.