
I am not the strongest JS user, but I need it, and I wrote some code for my webpage, which works on Apache and PHP. In my AJAX requests I have that code in

    if (dataX['var1'] == '1.1' || dataX['var1'] == '2.1')
    {
        window.location.href = '<domain>'
    }

If I use XSStrike to check potential vulnerabilities on my system, I get the message that maybe that part could be injected.

Can someone help me to fix that if it is needed? Do I need something like freeze or other stuff to fix that? Sry, but I don't see how attackers could use that. Thx for any useful help. BR

What I try? I try to ask on that channel?!

2 Answers


  1. If <domain> can contain arbitrary unchecked strings, then the attacker would get access to the scope of your page if they previously managed to save "domain" with whatever string they wanted. In THIS case it is highly questionable what they could do other than redirect to their server, since the code in <domain> would not be executed due to the page change.
    I am not sure what a location

    window.location.href = '';executeSomethingNasty()
    

    or a change that only changes the hash

    window.location.href = window.location.href+'#stayonthepage';executeSomethingNasty()
    
  2. It's safe when '<domain>' is just a string. But when some value of location.href is typed by the user, it's unsafe, because this construction can run JavaScript like javascript: alert(document.cookie) by specification.

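One way to close the gap both answers describe is to validate the target before it reaches `window.location.href`. This is an added example, not code from the question or either answer; the origins, the `dataX.redirect` field and the function names are assumptions made for illustration.

```javascript
// Added example. PAGE_ORIGIN, ALLOWED_ORIGINS and dataX.redirect are
// hypothetical; substitute the values your application really uses.
const PAGE_ORIGIN = 'https://shop.example';
const ALLOWED_ORIGINS = new Set([PAGE_ORIGIN, 'https://pay.example']);

// Returns a normalized URL that is safe to assign to window.location.href,
// or null when the candidate must be rejected.
function safeRedirectTarget(candidate, pageOrigin = PAGE_ORIGIN) {
  if (typeof candidate !== 'string' || candidate.length === 0) return null;
  let url;
  try {
    // Resolve the way the browser would, so relative paths, "//host" and
    // "\\host" forms are turned into absolute URLs before any check runs.
    url = new URL(candidate, pageOrigin);
  } catch {
    return null; // not parsable as a URL at all
  }
  // Scheme allowlist: rejects javascript:, data: and every other scheme.
  if (url.protocol !== 'https:') return null;
  // Origin allowlist: rejects redirects to hosts we do not control.
  if (!ALLOWED_ORIGINS.has(url.origin)) return null;
  // Reject "https://trusted@other-host/" style URLs with userinfo.
  if (url.username !== '' || url.password !== '') return null;
  return url.href;
}

// The handler from the question, with the check in front of the navigation.
// `navigate` is injected so the logic can be exercised outside a browser;
// on the page it would be: (u) => { window.location.href = u; }
function handleResponse(dataX, navigate) {
  if (dataX.var1 === '1.1' || dataX.var1 === '2.1') {
    const target = safeRedirectTarget(dataX.redirect);
    if (target === null) return false; // refuse to navigate
    navigate(target);
    return true;
  }
  return false;
}
```

If the value is written into the script by PHP rather than delivered in the AJAX response, emit it with `json_encode()` instead of pasting it between quotes, so it cannot terminate the string literal.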