Closed dnprock closed 7 years ago
We ran Burp Suite security scanner through our code base and it identifies a vulnerability in turbolinks gem.
Here's the line that may cause script injection:
https://github.com/rails/jquery-ujs/blob/a4da3b4909b2ca081de3c6f99064403623bfe1fb/src/rails.js#L188
The tool recommends to escape location.href variable to prevent script injection. Something like:
htmlEncode = function(value) { return $('<div/>').text(value).html(); }
Would this be a vulnerability or is it already addressed?
This is not vulnerable to XSS because the value of location.href is not used to print any element in the DOM. It is in fact used in a security feature that compares whether a request is cross-domain or not.
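To make the distinction in the reply concrete, here is an added example (not jquery-ujs's own code) of a cross-domain check in the style described: the page URL, standing in for location.href, is only compared against the request URL and never written into the DOM, so a script-looking value in it has nowhere to execute. The function name, the sample URLs and the fail-closed handling of unparseable input are assumptions of this example.

```javascript
// Added example, not code from jquery-ujs. Uses Node's global WHATWG URL class.
// The page href is only compared; no string from it is turned into markup,
// which is why a scanner flagging location.href as a "source" finds no sink here.

// Returns true when `requestUrl` targets a different origin than `pageHref`.
// `pageHref` plays the role of location.href in the browser.
function isCrossDomain(requestUrl, pageHref) {
  let page;
  let target;
  try {
    page = new URL(pageHref);
    // Relative request URLs such as "/posts/1" resolve against the page URL.
    target = new URL(requestUrl, pageHref);
  } catch (e) {
    // Unparseable input: treat as cross-domain (fail closed), an assumption
    // of this example rather than a documented jquery-ujs behaviour.
    return true;
  }
  // `origin` is the scheme + host + port tuple used by the same-origin policy;
  // default ports are normalised away by the parser, so :443 matches https.
  return page.origin !== target.origin;
}

// Constructed sample: a page URL whose query string looks like a payload,
// exactly the kind of value a scanner reports as tainted.
const PAGE_HREF = 'https://app.example.test/items?q=<script>alert(1)</script>';

// Runs the check over several request URLs and returns the verdicts.
function demo() {
  return {
    relative:    isCrossDomain('/items/2', PAGE_HREF),                     // false
    sameOrigin:  isCrossDomain('https://app.example.test/api', PAGE_HREF), // false
    defaultPort: isCrossDomain('https://app.example.test:443/', PAGE_HREF), // false
    otherHost:   isCrossDomain('https://other.example.test/', PAGE_HREF),  // true
    otherScheme: isCrossDomain('http://app.example.test/', PAGE_HREF),     // true
    otherPort:   isCrossDomain('https://app.example.test:8443/', PAGE_HREF), // true
    malformed:   isCrossDomain('http://', PAGE_HREF),                      // true
  };
}
```

The string with `<script>` in it flows only into URL parsing and an equality test, so escaping it, as the scanner suggests, would change nothing about the security of this path.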