Monday, 24 November 2008

IE 8 and XSS

Here are the results of an analysis of the XSS filter built into the current beta of Internet Explorer 8. Colleagues from Microsoft have achieved rather good results – the most widespread attack vectors for the vulnerability are blocked.
If we take into account that XSS is the most widespread Web problem according to both Positive Technologies and international WASC statistics, the existence of such mechanisms in browsers is a useful initiative. I think Avir/HIPS developers should also care about this area.

Below is a brief summary of the filter's efficiency against different attack vectors:

Stored version: No
DOM-Based: Partly
Reflected version:
    In tag: No
    In JavaScript: No
    In HTML: Yes
    In tag parameter: Yes

It is funny that a different vulnerability (HTTP Response Splitting) was detected that allows attackers to disable the XSS protection. I hope the problem will be solved in the release version.
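As an added illustration (not part of the original post), here is the server-side defect behind HTTP Response Splitting in general, next to a hardened form. The function names, the redirect scenario and the `X-Injected` header are assumptions made for the example; the post does not describe how the splitting was used against the filter.

```python
import re

# Control characters (CR and LF included) are never valid inside a header value.
_CTL = re.compile(r"[\x00-\x1f\x7f]")


def naive_redirect(target):
    """Vulnerable form: request data is copied straight into the Location header."""
    return "HTTP/1.1 302 Found\r\nLocation: " + target + "\r\n\r\n"


def safe_redirect(target):
    """Hardened form: refuse any value that could end the header line early."""
    if _CTL.search(target):
        raise ValueError("control character in header value")
    return "HTTP/1.1 302 Found\r\nLocation: " + target + "\r\n\r\n"


def header_names(raw_response):
    """Return the header names a client would parse from the response head."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")[1:]  # skip the status line
    return [line.split(":", 1)[0] for line in lines if ":" in line]


# Constructed sample input: an already URL-decoded parameter carrying CR LF
# followed by a harmless placeholder header (hypothetical name).
SAMPLE = "/home\r\nX-Injected: 1"

if __name__ == "__main__":
    # The naive builder lets the request decide which headers the response has.
    print(header_names(naive_redirect(SAMPLE)))
    try:
        safe_redirect(SAMPLE)
    except ValueError as exc:
        print("rejected:", exc)
```

Because the naive builder lets request data add response headers, a browser-side protection that the server can influence through headers cannot be relied on until the CR/LF handling is fixed on the server.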