Software and web application security

April 4, 2007

Fortify JavaScript Hijacking Vulnerability Detected

Filed under: web, web apps — chrisweber @ 2:47 pm

Rather scary issue: a page on evil.com can redefine core JavaScript constructs such as the fundamental Object. This means that evil.com can change the AJAX/JSON behavior of scripts served by good.com.

http://www.fortifysoftware.com/advisory.jsp

ScottGu from Microsoft responds with why ASP.NET AJAX is not so vulnerable to this issue. It doesn't look like the best solution (basically the server requires the HTTP header Content-Type: application/json on the request, otherwise it ignores the request).

http://weblogs.asp.net/scottgu/archive/2007/04/04/json-hijacking-and-how-asp-net-ajax-1-0-mitigates-these-attacks.aspx
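To make the ASP.NET AJAX mitigation concrete, here is an added example of the same gate written from scratch in plain JavaScript. It is not code from this post, from ScottGu's write-up or from ASP.NET AJAX; it assumes a request object of the shape {method, headers} and no particular web framework. The point it shows is why the header check works at all: a cross-site script include cannot set a Content-Type request header, while the site's own XMLHttpRequest calls can, so a JSON endpoint that refuses anything but application/json never hands its data to a page that has redefined Object or Array.

```javascript
// Added example (not from the original post, ScottGu's article or ASP.NET
// AJAX): a server-side gate for a JSON endpoint that only answers requests
// carrying Content-Type: application/json. Request shape {method, headers}
// is an assumption of this example.

const JSON_MEDIA_TYPE = 'application/json';

// Pull the media type out of a Content-Type value, dropping parameters such
// as "; charset=utf-8" and normalising case and whitespace, so that
// "Application/JSON; charset=UTF-8" still counts as application/json.
function mediaTypeOf(contentType) {
  if (typeof contentType !== 'string') return '';
  return contentType.split(';')[0].trim().toLowerCase();
}

// Case-insensitive header lookup over a plain {name: value} object. HTTP
// header names are case-insensitive; Node lowercases them, other stacks may not.
function getHeader(headers, name) {
  const wanted = name.toLowerCase();
  for (const key of Object.keys(headers || {})) {
    if (key.toLowerCase() === wanted) return headers[key];
  }
  return undefined;
}

// The gate itself: serve JSON only when the request declared itself as JSON.
function isJsonRequestAllowed(req) {
  return mediaTypeOf(getHeader(req.headers, 'content-type')) === JSON_MEDIA_TYPE;
}

// Minimal handler. When the gate fails the response carries no data, which
// is what "ignores the request" amounts to in practice.
function handleJsonEndpoint(req, data) {
  if (!isJsonRequestAllowed(req)) {
    return { status: 400, body: '' };
  }
  return {
    status: 200,
    headers: { 'Content-Type': 'application/json; charset=utf-8' },
    body: JSON.stringify(data),
  };
}

// Constructed sample requests (not captured traffic).
const SAMPLE_REQUESTS = {
  // A cross-site script include as seen by the server: the browser sends the
  // user's cookies but no Content-Type, because a script tag cannot set one.
  scriptInclude: { method: 'GET', headers: { Cookie: 'session=abc', Accept: '*/*' } },
  // The site's own XMLHttpRequest call, which is free to set the header
  // (note the odd casing and charset parameter, handled by mediaTypeOf).
  ownXhr: { method: 'POST', headers: { 'content-type': 'Application/JSON; charset=UTF-8' } },
  // A media type browsers will send cross-origin without a CORS preflight;
  // it must not unlock the endpoint either.
  formPost: { method: 'POST', headers: { 'Content-Type': 'text/plain' } },
};

// Run every sample through the handler and report the status each one gets.
function demo() {
  const secret = { accountId: 'placeholder-account', balance: 42 }; // constructed
  const results = {};
  for (const [name, req] of Object.entries(SAMPLE_REQUESTS)) {
    results[name] = handleJsonEndpoint(req, secret).status;
  }
  return results;
}

console.log(demo()); // { scriptInclude: 400, ownXhr: 200, formPost: 400 }
```

The check is deliberately strict about the media type and deliberately lax about its casing and parameters, since real clients vary in both; what it must never do is treat a missing header or a browser-default type as good enough.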
