http://qs1969.pair.com?node_id=632482

Taulmarill has asked for the wisdom of the Perl Monks concerning the following question:

As I was looking for a nice BBCode2HTML converter, I came across the following behavior of the module, which I think is a bug that could be exploited to insert JS.
[color=blue" onmouseover="this.innerHTML = 'XSS']test[/color]
becomes
<span style="color: blue" onmouseover="this.innerHTML = 'XSS'">test</span>

I used the following script to test this behavior:
    use strict;
    use warnings;
    use HTML::BBCode;

    my $bbcode = q~[color=blue" onmouseover="this.innerHTML = 'XSS']test[/color]~;
    my $bbc = HTML::BBCode->new( { no_html => 1, no_jslink => 1, linebreaks => 1, } );
    print $bbc->parse($bbcode);
    print "\n";
If I made a mistake, or there is a workaround other than disabling the color tag (and maybe other tags, too), please let me know. Also, I would like to hear other suggestions for BBCode2HTML converters (it doesn't have to be exactly BBCode, could be something similar) that are known to be safe for public websites.
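The root cause in the post above is that the `[color=...]` value is copied into a `style` attribute without being validated, so a `"` in the value closes the attribute. The following is an added example, not code from the poster or from HTML::BBCode, showing the fix a converter should apply: an allow-list for the colour value (named colours and `#rgb`/`#rrggbb` only, a constructed list) plus HTML escaping of the enclosed text, handling just the `[color]` tag.

```perl
#!/usr/bin/perl
# Added example (not part of the original post or of HTML::BBCode):
# allow-list the [color=...] value so attribute-quote injection like
# the payload in the post never reaches the generated HTML.
use strict;
use warnings;

# Constructed allow-list of named colours; hex forms are matched below.
my %NAMED = map { $_ => 1 }
    qw(black white red green blue yellow orange purple gray grey);

# Return a safe CSS colour value, or undef if the value is not allowed.
sub safe_color {
    my ($value) = @_;
    return unless defined $value;
    $value = lc $value;
    $value =~ s/^\s+|\s+$//g;
    return $value if $NAMED{$value};
    return $value if $value =~ /\A#(?:[0-9a-f]{3}|[0-9a-f]{6})\z/;
    return;    # anything else, including quotes, is rejected
}

# Minimal HTML escaping for the text between the tags.
sub escape_html {
    my ($s) = @_;
    my %map = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
               '"' => '&quot;', "'" => '&#39;');
    $s =~ s/([&<>"'])/$map{$1}/g;
    return $s;
}

# Convert [color=VALUE]TEXT[/color]. If VALUE fails the allow-list the
# tag is dropped and only the escaped text is emitted.
sub color_to_html {
    my ($bbcode) = @_;
    $bbcode =~ s{\[color=([^\]]*)\](.*?)\[/color\]}{
        my $c = safe_color($1);
        defined $c
            ? qq{<span style="color: $c">} . escape_html($2) . '</span>'
            : escape_html($2)
    }gise;
    return $bbcode;
}

# Constructed inputs: the payload from the post, then a benign hex colour.
for my $in (q{[color=blue" onmouseover="this.innerHTML = 'XSS']test[/color]},
            q{[color=#1e90ff]test[/color]}) {
    print color_to_html($in), "\n";
}
```

The first input yields plain `test` with no `<span>` at all, because the injected value is rejected outright rather than escaped; the second yields `<span style="color: #1e90ff">test</span>`.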