ratchet icon indicating copy to clipboard operation
ratchet copied to clipboard
verified publisher icon iamvery

Vulnerability?

Open iamvery opened this issue 9 years ago • 1 comments

Is https://github.com/iamvery/ratchet/pull/21 a concern? It seems to still be problematic...

attributes:

screen shot 2016-09-30 at 8 06 00 am ### rendered markup: screen shot 2016-09-30 at 8 06 17 am ### click: screen shot 2016-09-30 at 8 06 40 am

So the question is, does this matter? What if any are the attack vectors? Seems like if there is a concern, it would come inserting user content into these attributes 🤔

iamvery avatar Sep 30 '16 13:09 iamvery

After a little more research, this only seems to be a problem if user input is used for attribute names. Values appear to be properly escaped. In general it seems like it's always a bad idea to use user input for attribute names, but it still seems like a vector. Fwiw, similar things can be accomplished with EEx as well...

iamvery avatar Sep 30 '16 13:09 iamvery