Ruby on Rails 3: how to fix XSS in Rails
Tags: ruby-on-rails-3, security, escaping, xss

I don't know if it counts as XSS, but it causes an error. I have an image tag whose :alt attribute is user-generated. However, using sanitize / h / html_escape does not help with this (from OWASP -): the image's output gets messed up. Is there a way to fix this XSS? I'm using the latest Rails and Ruby.
Since Rails 3.2.8 and the fix, the Rails escape helpers escape both double and single quotes. If you are actually using the right version, you should not have a problem:

>> ERB::Util.h '\';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">\'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>'
=> "&#x27;;alert(String.fromCharCode(88,83,83))//&#x27;;alert(String.fromCharCode(88,83,83))//&quot;;alert(String.fromCharCode(88,83,83))//&quot;;alert(String.fromCharCode(88,83,83))//--&gt;&lt;/SCRIPT&gt;&quot;&gt;&#x27;&gt;&lt;SCRIPT&gt;alert(String.fromCharCode(88,83,83))&lt;/SCRIPT&gt;"

(Note: the backslashes in the raw string above need to be there for Ruby to parse the string correctly, since the string itself contains single quotes.)
You can fix it by filtering `"`, `>` and `<`; only these three characters are enough.
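The two approaches given in the answers above, full escaping with `h` / `html_escape` on the one hand and stripping only `"`, `>` and `<` on the other, compared side by side in an added example that is not part of the question or of either answer. It uses only Ruby's stdlib `ERB::Util` (the module that Rails' `h` helper extends), so it runs without Rails; the payload is a constructed string in the style of the OWASP one quoted in the thread, and `three_char_filter`, `escape`, `img_tag`, `unsafe_in_attribute?` and `compare` are names chosen here.

```ruby
# Added example, not code from the question or the answers. Uses only
# Ruby's stdlib ERB::Util (the module Rails' h / html_escape helpers
# extend), so it runs without Rails. The entity used for the single quote
# differs between stdlib and Rails versions (&#39; vs &#x27;); none of the
# checks below depend on which one is produced.
require 'erb'

# Constructed test payload in the style of the OWASP filter-evasion string
# quoted in the thread: tries to end a single-quoted attribute, then a
# double-quoted one, then to open a new tag.
PAYLOAD = %q{';alert(1)//";alert(1)//--></SCRIPT>">'><SCRIPT>alert(1)</SCRIPT>}

# Approach from the second answer: remove only the three characters < > "
def three_char_filter(str)
  str.delete('<>"')
end

# Approach from the first answer: full HTML escaping of & < > " '
def escape(str)
  ERB::Util.html_escape(str)
end

# Renders an <img> whose alt attribute holds user-controlled text, with the
# chosen attribute quote character and sanitizer. This mirrors a view that
# interpolates user input into an attribute value.
def img_tag(alt, quote, sanitizer)
  %(<img src="/logo.png" alt=#{quote}#{sanitizer.call(alt)}#{quote}>)
end

# True when a value placed inside an attribute delimited by `quote` can
# still terminate that attribute or start a tag, which is exactly the
# breakout the payload attempts.
def unsafe_in_attribute?(value, quote)
  value.include?(quote) || value.include?('<')
end

# Evaluates both sanitizers against both attribute quoting styles.
def compare(payload = PAYLOAD)
  filtered = three_char_filter(payload)
  escaped  = escape(payload)
  {
    # stripping < > " does protect a double-quoted attribute ...
    three_char_double_quoted: unsafe_in_attribute?(filtered, '"'),
    # ... but the single quote survives, so alt='...' is still broken out of
    three_char_single_quoted: unsafe_in_attribute?(filtered, "'"),
    # full escaping leaves no delimiter or tag opener in either style
    escaped_double_quoted:    unsafe_in_attribute?(escaped, '"'),
    escaped_single_quoted:    unsafe_in_attribute?(escaped, "'")
  }
end

if __FILE__ == $PROGRAM_NAME
  puts img_tag(PAYLOAD, "'", method(:three_char_filter))
  puts img_tag(PAYLOAD, "'", method(:escape))
  p compare
end
```

The point the comparison makes is that a character blacklist is only as good as the context it was written for: deleting `<`, `>` and `"` covers a double-quoted attribute, while `h` covers both quoting styles because it also turns `'` and `&` into entities, which is why the first answer stresses that Rails escapes single quotes too.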