
Update Exceptions.php

Open · SynacktivCerv opened this issue 3 years ago · 3 comments

In some cases, error messages could lead to a Cross-Site Scripting vulnerability. This small fix sanitizes potential user input from GET/POST parameters that could be returned in error messages.

For example with this kind of code: if (isset($_GET['page'])) { $this->load->view($_GET['page']); }

If the page is loaded with /?page= the JavaScript will be executed.

SynacktivCerv, Mar 12 '22 09:03
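The failure mode described in the opening post, as an added standalone example (not CodeIgniter's code and not the patch under review): a view name taken from a request parameter is interpolated into an error message, and whether the browser treats it as markup depends entirely on whether the error renderer escapes on output. The view loader, the error text and the sample inputs below are constructed for illustration.

```php
<?php
// Added example: models the issue's scenario outside the framework so it runs
// with plain PHP. None of these functions are CodeIgniter APIs.

declare(strict_types=1);

/** Stand-in for a view loader lookup: true only if the named view exists. */
function view_exists(string $name, array $availableViews): bool
{
    return in_array($name, $availableViews, true);
}

/** Vulnerable renderer: the untrusted string lands in the HTML unescaped. */
function render_error_unsafe(string $message): string
{
    return '<div class="error"><p>' . $message . '</p></div>';
}

/** Hardened renderer: escape on output, the rule quoted from the docs. */
function render_error_safe(string $message): string
{
    // ENT_QUOTES also neutralises both quote characters, so the value stays
    // inert inside attributes; ENT_SUBSTITUTE keeps invalid UTF-8 from
    // collapsing the whole string to "".
    $escaped = htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<div class="error"><p>' . $escaped . '</p></div>';
}

/**
 * Mirrors the controller pattern from the issue: load whatever view the
 * request names, or fall back to an error page that repeats that name.
 * The error wording is illustrative, not the framework's own text.
 */
function load_page(string $requestedView, array $availableViews, bool $escapeOutput): string
{
    if (view_exists($requestedView, $availableViews)) {
        return "<!-- view '{$requestedView}' rendered -->";
    }
    $message = 'Unable to load the requested view: ' . $requestedView;
    return $escapeOutput ? render_error_safe($message) : render_error_unsafe($message);
}

/** Returns true when the rendered error contains no raw tag, i.e. escaping held. */
function error_is_inert(string $html): bool
{
    return strpos($html, '<script') === false;
}

// Constructed inputs: a legitimate request and a hostile one.
$views   = ['home', 'about'];
$hostile = '<script>alert(1)</script>';

echo load_page('home', $views, true), PHP_EOL;
echo load_page($hostile, $views, false), PHP_EOL; // tag reaches the browser as markup
echo load_page($hostile, $views, true), PHP_EOL;  // rendered as visible text only

var_dump(error_is_inert(load_page($hostile, $views, false))); // bool(false)
var_dump(error_is_inert(load_page($hostile, $views, true)));  // bool(true)
```

The point the thread turns on is where the escaping happens: filtering the parameter on the way in (the `xss_clean` option of `$this->input->get()` in CodeIgniter 3) is input sanitisation, which the quoted documentation explicitly says not to rely on, whereas escaping at the moment the value is written into the error page is what `render_error_safe()` above does. CodeIgniter 3 ships an `html_escape()` helper that wraps `htmlspecialchars()` in the same way, so an output-side fix in the exception renderer is a one-call change.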

Why would you pass the raw $_GET['page'] variable? We have a dedicated library for fetching GET parameters.

gxgpet, Mar 27 '22 17:03

The example is not my code but something I saw during a security review.

Furthermore, by using the dedicated library, the injection on the error page still seems to be possible. Indeed, the documentation from your link says that "XSS escaping should be performed on output, not input!".

SynacktivCerv, Apr 05 '22 19:04

Hi,

Any update on this issue?

Regards,

SynacktivCerv, Sep 26 '22 21:09