[13778] in bugtraq
Re: recent 'cross site scripting' CERT advisory
daemon@ATHENA.MIT.EDU (Mikael Olsson)
Wed Feb 9 10:32:25 2000
Message-Id: <38A11747.3108549F@enternet.se>
Date: Wed, 9 Feb 2000 08:29:11 +0100
Reply-To: Mikael Olsson <mikael.olsson@ENTERNET.SE>
From: Mikael Olsson <mikael.olsson@ENTERNET.SE>
X-To: Taneli Huuskonen <huuskone@CC.HELSINKI.FI>
To: BUGTRAQ@SECURITYFOCUS.COM
Taneli Huuskonen wrote:
>
> Now, if trusted.com's
> webserver refused to serve anything else but the index page unless the
> Referer: field contained a trusted.com URL, this attack would be foiled.
>
> Now, is there a way to trick a browser into lying about the referrer?
>
According to
http://www.securiteam.com/securitynews/DHTML_makes_HTTP_REFERER_an_unreliable_sanity_check.html
it is possible for DHTML to lie about the referer.
(I believe this was originally a post here on Bugtraq, but I might
be wrong; could be some other mailing list I'm on too..)
/Mike
--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 105 50 Fax: +46 (0)660 122 50
Mobile: +46 (0)70 248 00 33
WWW: http://www.enternet.se E-mail: mikael.olsson@enternet.se
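
Added example (not part of the original message or thread): a sketch of the Referer gate proposed in the quoted text, comparing a literal "contains trusted.com" substring test with a comparison on the parsed host. The paths, function names and sample requests are assumptions constructed for illustration. Even the strict form only inspects a header the browser supplies, so per the reply above it stays a sanity check.

```python
from urllib.parse import urlsplit

TRUSTED_HOST = "trusted.com"          # site name used in the quoted message
INDEX_PATHS = {"/", "/index.html"}    # assumption: what counts as "the index page"


def host_is_trusted(referer):
    """True only if the Referer is an http(s) URL on trusted.com or a subdomain."""
    if not referer:
        return False
    try:
        parts = urlsplit(referer.strip())
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:                # malformed URL, e.g. bad IPv6 literal
        return False
    if parts.scheme not in ("http", "https"):
        return False
    return host == TRUSTED_HOST or host.endswith("." + TRUSTED_HOST)


def naive_contains(referer):
    """Literal reading of 'contained a trusted.com URL': a substring test."""
    return bool(referer) and TRUSTED_HOST in referer


def should_serve(path, referer, check=host_is_trusted):
    """Index page is always served; anything else needs a trusted.com Referer."""
    return path in INDEX_PATHS or check(referer)


# Constructed sample requests: (path, Referer header value or None)
SAMPLES = [
    ("/", None),
    ("/account", "http://trusted.com/index.html"),
    ("/account", "http://www.trusted.com/menu"),
    ("/account", None),
    ("/account", "http://other.example/?u=http://trusted.com/"),
    ("/account", "http://trusted.com.other.example/"),
    ("/account", "http://trusted.com@other.example/"),
]

if __name__ == "__main__":
    print("path      strict naive  referer")
    for path, ref in SAMPLES:
        strict = should_serve(path, ref)
        naive = should_serve(path, ref, naive_contains)
        print(f"{path:<9} {strict!s:<6} {naive!s:<6} {ref}")
```

The last three sample rows are where the two checks disagree: the substring test accepts them, the parsed-host test does not.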