On Sep 24, 12:17 pm, Sam Ruby <[EMAIL PROTECTED]> wrote: > > A similar attack is to add an enormous margin or padding to a > > malicious link so that clicks anywhere on the page will trigger that > > link. I believe this is the attack that was used to steal 30,000 > > MySpace passwords a year or so ago. > > Can you give an actual example of a position attribute that isn't > sanitized out? "position" is not white-listed. > > http://wiki.whatwg.org/wiki/Sanitization_rules
height, width, margin, padding, overflow and line-height are all on the whitelist, but each one can be used to affect the dimensions of an element on the page. My concern is attacks which use those properties with enormous values on a phishing link such that a click anywhere on the page takes the user somewhere nasty. I also noticed that the various form elements are allowed by the whitelist. This is also a phishing risk - an attacker can use them to create their own copy of a site's login form which targets an external server and steals passwords. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "html5lib-discuss" group. To post to this group, send email to html5lib-discuss@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/html5lib-discuss?hl=en-GB -~----------~----~----~----~------~----~------~--~---
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4