HTML/Middle-click/Security question...

Mike Kallies mike.kallies-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Sat Mar 10 19:05:39 UTC 2007


On 3/10/07, Madison Kelly <linux-5ZoueyuiTZhBDgjK7y7TUQ at public.gmane.org> wrote:

> Also, I check that the source of the POST was my server (to hopefully
> prevent an attacker from making their own form on another server)."

The form is usually downloaded by the client then the results get
POSTed.  The client can do anything they want with it.

...
>    I am quite curious to know how people go about protecting against
> users manually creating URLs with bogus/malicious code/variables.

You have to assume that all data coming from an untrusted source is malicious.

Generally, no client data can be trusted.  All of it needs to be
carefully checked.  There are some libraries which assist with this
kind of thing, but nothing to completely solve the problem.

In the case of URLs, you know what valid data looks like, so you have
to check it.  You can be brutal about it, e.g., rather than responding
that the input is invalid and why, just blindly convert it all to
valid data (truncate, remove invalid characters etc.).

I say "generally" because if you're designing an app for a trusted
group, and your authentication system is secure, then you can take
calculated risks... as long as management doesn't ask you to open it
to the public.  A rule of thumb on allowing people to access such an
app is whether or not you would give them shell access to your
system.


-Mike
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
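One way to apply the "blindly convert it all to valid data" approach Mike describes, as an added Python example that is not part of the original thread. The parameter names, allowed character sets and length limits are constructed for illustration; a real application would define them per endpoint.

```python
import re
from urllib.parse import parse_qs

# Per-parameter rules (constructed for this example): a regex matching the
# characters to strip, and a maximum length to truncate to. Anything not
# listed here is an unknown parameter and is dropped outright.
RULES = {
    "page": (re.compile(r"[^0-9]"), 6),             # digits only
    "sort": (re.compile(r"[^a-z_]"), 20),           # lowercase identifier
    "q":    (re.compile(r"[^A-Za-z0-9 _.-]"), 64),  # plain search text
}


def coerce_params(query_string):
    """Reduce an untrusted query string to known-good values.

    Rather than reporting what was wrong, the input is made valid:
    unknown parameters are discarded, a repeated parameter keeps only its
    first value, characters outside the allowed set are removed (after
    URL-decoding, so encoded bytes cannot smuggle them through), and the
    result is cut to the per-parameter length limit.
    """
    raw = parse_qs(query_string, keep_blank_values=True)
    clean = {}
    for name, (bad_chars, limit) in RULES.items():
        values = raw.get(name)
        if not values:
            continue
        value = bad_chars.sub("", values[0])[:limit]
        if value:  # a value that is empty after cleaning is treated as absent
            clean[name] = value
    return clean


if __name__ == "__main__":
    # Constructed sample: a stray suffix on "page", an encoded quote on
    # "sort", markup in "q", an unknown "debug" and a duplicate "page".
    sample = "page=12abc&sort=name_asc%27&q=<b>hello</b>&debug=1&page=99"
    print(coerce_params(sample))
    # {'page': '12', 'sort': 'name_asc', 'q': 'bhellob'}
```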
