Loading ...
Sorry, an error occurred while loading the content.

101Re: ADsafe, Take 6

Expand Messages
  • collin_jackson
    Oct 17, 2007
    • 0 Attachment
      I'm not pasting. I'm reading the value of a textarea into JSLint
      directly using JavaScript.

      See http://crypto.stanford.edu/jsonrequest/nullbyte2.html

      It looks like Firefox is converting null bytes to Unicode character
      65533, which isn't rejected by JSLint. So all you need to do is reject
      Unicode character 65533 to defeat this attack.

      (Note that null bytes vanish in IE, which is fine as long as Firefox
      rejects them.)

      --- In caplet@yahoogroups.com, "Douglas Crockford" <douglas@...> wrote:
      > --- In caplet@yahoogroups.com, "collin_jackson" <collinj@> wrote:
      > >
      > > Null byte between "java" and "script" passes JSLint on Firefox
      > > being an attack on IE
      > I scan every line for null and other characters. I am guessing that
      > the null is lost in the browser's paste process. In production,
      > inspection will be done on files, so I don't think that will be a
    • Show all 30 messages in this topic