jPurify

Is there a way to test the exploit without popping up an alert?

Open DinisCruz opened this issue 9 years ago • 6 comments

That should make the tests more solid, since as I'm reading it, the way to check if jPurify is working is to run it and confirm that no popup test is running (right?)

Are there tests that show those sinks actually triggering the JavaScript execution?

DinisCruz Jul 14 '16 16:07

Not sure if I understand the question 100% right. What exactly do you mean?

cure53 Jul 16 '16 13:07

At the moment it looks like the tests are designed to show that the popup does not happen:

 $('#append').append('<li>#append XSS from HTML string</li><iframe/onload=alert(2.1)>', '<iframe/onload=alert(2.2)>');

right?

DinisCruz Jul 16 '16 14:07

Yep, exactly. You want it the other way round, correct?

cure53 Jul 21 '16 02:07

For the cases where it is exploitable, yes, we should be testing that the alert was called.

DinisCruz Jul 23 '16 06:07

So, what is needed from our side?

cure53 Jul 25 '16 11:07

@cure53 check this test out

https://github.com/OWASP/Maturity-Models/issues/153#issuecomment-234985203

A 'jQuery variation of that' should work here, right?

DinisCruz Jul 25 '16 15:07
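
One way to test both directions discussed in this thread without a dialog, as an added example that is neither jPurify's code nor the test linked above: swap `alert` for a recorder, fire the sink, then assert on what was recorded. The helper names `spyOnAlert` and `alertsTriggeredBy` and the 50 ms wait are assumptions.

```javascript
// Replace win.alert with a recorder so a firing payload leaves a trace
// instead of opening a modal dialog that blocks the test run.
// `win` is any window-like object (the real `window` on a browser test page).
function spyOnAlert(win) {
  const original = win.alert;
  const calls = [];
  win.alert = (...args) => { calls.push(args); };
  return {
    calls,
    restore() { win.alert = original; },
  };
}

// Run `sink`, wait for handlers that fire asynchronously (an iframe's
// onload does not run during the append call itself), and return the
// first argument of every alert() call that was observed.
async function alertsTriggeredBy(win, sink, waitMs = 50) {
  const spy = spyOnAlert(win);
  try {
    await sink();
    await new Promise((resolve) => setTimeout(resolve, waitMs));
    return spy.calls.map((args) => args[0]);
  } finally {
    spy.restore(); // always put the real alert back, even if the sink throws
  }
}

// Browser usage with the payload quoted in this thread (not executed here;
// assumes jQuery is loaded and an #append element exists on the page):
//
//   const fired = await alertsTriggeredBy(window, () =>
//     $('#append').append(
//       '<li>#append XSS from HTML string</li><iframe/onload=alert(2.1)>',
//       '<iframe/onload=alert(2.2)>'));
//
//   Baseline page, for a sink the test expects to be exploitable:
//     assert that fired is non-empty (the handler really executed).
//   Same page with jPurify loaded:
//     assert that fired.length === 0.
```

Running the baseline assertion first guards against a false pass: an empty result with jPurify loaded only means something if the same payload is seen to fire without it.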