Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
- From: "Mike Metzger" <mdmetzger@xxxxxxxxx>
- Subject: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
- Date: Thu, 4 Jan 2007 17:12:47 -0600
D'oh - ok Guy Podjarny's suggestion worked great. I tried the #, just
didn't put anything after it. Firefox interpreted it properly with a #a
behind the redirect.
Once I get a chance to clean up code, I'll post info on where to download
shortly for any in need of an ASP.NET handler for this issue.
Thanks to all
Mike
On 1/4/07, Mike Metzger <mdmetzger@gmail.com> wrote:
>
> Based on Amit's general format, I'm trying to implement an HttpHandler for
> ASP.NET that will monitor requests for PDF files. Thus far, the technique
> works great - for IE6 and IE7. For Firefox, it keeps the anchor even with a
> redirected URL.
>
> I've tried the following:
>
> - Adding a # character in my redirect URL.
> - Adding a Refresh and URL response header to the new location
>
> Neither of these has had any effect. I'm a bit at a loss of how to
> continue.
>
> I'll post code / a link to test soon.
>
> Thanks
>
> Mike Metzger
>
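
The redirect described in this message, written as an ASP.NET handler so the role of the non-empty fragment is visible. This is an added example, not Mike Metzger's handler or Amit's code; the class name, the `pdftoken` parameter, the 10-second lifetime, the HMAC token bound to the client address and the placeholder key are all assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Web;

// Added example (not Mike Metzger's handler). Register for *.pdf in web.config.
public class PdfFragmentGuardHandler : IHttpHandler
{
    // Placeholder secret (assumption): load a random key from protected config.
    private static readonly byte[] Key = Encoding.UTF8.GetBytes("REPLACE-WITH-RANDOM-SECRET");
    private const string TokenParam = "pdftoken"; // hypothetical parameter name
    private const int MaxAgeSeconds = 10;         // assumed token lifetime
    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        HttpRequest req = context.Request;
        if (IsValid(req.QueryString[TokenParam], req.UserHostAddress))
        {
            // Fresh token bound to this client: the request came via our redirect.
            context.Response.ContentType = "application/pdf";
            context.Response.TransmitFile(req.PhysicalPath);
            return;
        }
        // First hit or stale token: redirect to a tokenised URL. The fragment must
        // be non-empty ("#a"): with a bare "#", Firefox kept the original anchor.
        long now = DateTime.UtcNow.Ticks / TimeSpan.TicksPerSecond;
        string token = now + "." + Sign(now + "|" + req.UserHostAddress);
        context.Response.StatusCode = 302;
        context.Response.AddHeader("Location", req.Path + "?" + TokenParam + "=" + token + "#a");
    }
    private static bool IsValid(string token, string ip)
    {
        string[] parts = (token ?? "").Split('.');
        long ts;
        if (parts.Length != 2 || !long.TryParse(parts[0], out ts)) return false;
        long age = DateTime.UtcNow.Ticks / TimeSpan.TicksPerSecond - ts;
        if (age < 0 || age > MaxAgeSeconds) return false;
        string expected = Sign(ts + "|" + ip);
        if (expected.Length != parts[1].Length) return false;
        int diff = 0; // compare without exiting early on the first mismatch
        for (int i = 0; i < expected.Length; i++) diff |= expected[i] ^ parts[1][i];
        return diff == 0;
    }
    private static string Sign(string data)
    {
        using (HMACSHA256 h = new HMACSHA256(Key))
            return BitConverter.ToString(h.ComputeHash(Encoding.UTF8.GetBytes(data))).Replace("-", "");
    }
}
```

Any query string on the original request is dropped by the redirect; carry it over explicitly if the PDFs are generated from parameters.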
Brought to you by http://www.webappsec.org