RE: [WEB SECURITY] Why JSON/JavaScript hijacking only works on Mozilla
- From: "Billy Hoffman" <Billy.Hoffman@xxxxxxxxxxxxxxx>
- Subject: RE: [WEB SECURITY] Why JSON/JavaScript hijacking only works on Mozilla
- Date: Wed, 29 Aug 2007 20:51:22 -0400
So do you want to email Opera telling them they aren't standards
compliant and thus bring about the end of the world? Or you I? :-)
Billy
-----Original Message-----
From: Daniel Veditz [mailto:dveditz@cruzio.com]
Sent: Wed 8/29/2007 4:39 AM
To: websecurity@webappsec.org
Subject: Re: [WEB SECURITY] Why JSON/JavaScript hijacking only works on Mozilla

Billy Hoffman wrote:
> Well I figured out how to hijack without Mozilla-specific extensions,
> but I still couldn't hijack IE. The fundamental limitation (Protection?
> Feature? Bug?) is that all other JavaScript interpreters do not call a
> constructor function when parsing literals.
The ECMA 262 Edition 3 spec says to
11.1.4.1. Create a new array as if by the expression |new Array()|.
11.1.5.1. Create a new object as if by the expression |new Object()|.
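
A check of the behaviour discussed in this thread, as an added example that is not part of the original messages: it evaluates a constructed JSON array in a scope where `Array` and `Object` are shadowed by counting functions and reports whether literal evaluation reached them. ECMAScript 5 later specified that literals use the standard built-in constructors, so a current engine reports zero calls; `probeLiteralConstructors` and `SAMPLE_JSON` are names made up for this example.

```javascript
// Constructed sample response, shaped like a JSON array of records.
const SAMPLE_JSON = '[{"id": 1, "name": "alice"}, {"id": 2, "name": "bob"}, [3, 4]]';

// Hypothetical helper: reports whether array/object literals in jsonText
// consult the in-scope `Array` / `Object` bindings. The text is evaluated as
// script, so pass only trusted, locally constructed samples.
function probeLiteralConstructors(jsonText) {
  const calls = { Array: 0, Object: 0 };
  const RealArray = Array;
  const RealObject = Object;

  // Spy constructors that count how often they are invoked.
  function SpyArray() { calls.Array += 1; return new RealArray(); }
  function SpyObject() { calls.Object += 1; return new RealObject(); }

  // Evaluate the literal in a function scope whose parameters shadow the
  // global Array and Object, the same way a page-level override would.
  const evaluate = new Function('Array', 'Object',
    '"use strict"; return (' + jsonText + ');');
  const value = evaluate(SpyArray, SpyObject);
  const arrayCallsFromLiterals = calls.Array;
  const objectCallsFromLiterals = calls.Object;

  // Control: an explicit `new Array()` in the same kind of scope must reach
  // the spy, otherwise a zero count above would prove nothing.
  const control = new Function('Array', 'new Array(); return 0;');
  control(SpyArray);
  const controlHit = calls.Array === arrayCallsFromLiterals + 1;

  return {
    arrayCtorCalls: arrayCallsFromLiterals,
    objectCtorCalls: objectCallsFromLiterals,
    controlHit: controlHit,
    literalsUseIntrinsics:
      arrayCallsFromLiterals === 0 && objectCallsFromLiterals === 0,
    parsedIsRealArray: RealArray.isArray(value),
    parsedLength: value.length
  };
}

console.log(probeLiteralConstructors(SAMPLE_JSON));
```

A non-zero `arrayCtorCalls` or `objectCtorCalls` would mean the engine follows the "as if by the expression" wording literally and resolves the constructor name in scope.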