dqw / owaspantisamy

Automatically exported from code.google.com/p/owaspantisamy

Tags containing null bytes are not validated #120

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Input such as <%00script>alert(1)</script> 
2.
3.

What is the expected output? What do you see instead?

Remove the null byte, then validate as normal. Instead, the tag goes through 
untouched. A tag formatted in this manner will be interpreted as a valid script 
tag in IE (tested on IE8) but not on any other major browser to my knowledge. 

What version of the product are you using? On what operating system?

Latest, Java on Linux

Please provide any additional information below.

Original issue reported on code.google.com by krpata...@gmail.com on 9 Dec 2011 at 3:34

GoogleCodeExporter commented 8 years ago
Are there any workarounds for this (e.g. by using regular expressions in the 
policy file)?

Original comment by tsi4...@googlemail.com on 26 Nov 2013 at 11:57
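
The behaviour the report asks for (remove the null byte, then validate as normal), sketched as a pre-filter placed in front of a validator. This is an added example, not part of the original thread and not AntiSamy's code: `NulPreFilter`, `stripNul`, `validate` and the regex-based `TOY_VALIDATOR` are hypothetical stand-ins, and the sample input is constructed from the one in the report.

```java
import java.util.function.UnaryOperator;
import java.util.regex.Pattern;

public class NulPreFilter {
    // Toy stand-in for a real validator (NOT AntiSamy): drops <script> elements by tag name.
    private static final Pattern SCRIPT =
        Pattern.compile("(?is)<script\\b.*?</script\\s*>");
    static final UnaryOperator<String> TOY_VALIDATOR =
        html -> SCRIPT.matcher(html).replaceAll("");

    /** Remove every U+0000 code unit so the validator sees the tag name without it. */
    static String stripNul(String input) {
        if (input.indexOf('\0') < 0) {
            return input;                       // fast path: no NUL present
        }
        StringBuilder out = new StringBuilder(input.length());
        for (int i = 0; i < input.length(); i++) {
            char c = input.charAt(i);
            if (c != '\0') {
                out.append(c);
            }
        }
        return out.toString();
    }

    /** Strip NULs first, then hand the text to the validator, as the report expects. */
    static String validate(String untrusted, UnaryOperator<String> validator) {
        return validator.apply(stripNul(untrusted));
    }

    public static void main(String[] args) {
        // Constructed sample: the report's input with %00 already decoded to U+0000.
        String input = "<\0script>alert(1)</script><b>ok</b>";

        // Validator alone: the name match fails on "<NUL script", so the tag passes through.
        String direct = TOY_VALIDATOR.apply(input);
        // Pre-filter first: the validator now sees "<script>" and applies its normal rule.
        String filtered = validate(input, TOY_VALIDATOR);

        // Render NUL visibly so the difference shows up on a terminal.
        System.out.println("validator only : " + direct.replace("\0", "\\0"));
        System.out.println("strip, validate: " + filtered);
    }
}
```

In an application, the `validator` argument would be the call into the real sanitizer, with `stripNul` applied to the already-decoded request value.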