json-ld.org
Prevent potentially dangerous behaviour within proxy script
Whenever a user supplies a custom "@context": "http://schema.org/" within the json-ld playground, a call to a proxy script is made.
This proxy script is implemented in an unsafe manner, allowing an attacker to perform XSS or CSRF attacks against the server. I didn't find a private contact method for reporting the vulnerability, so here is the pull request directly, which should harden the proxy script.
Long-term it's probably advisable to perform requests to hosts defined within @context completely client-side via JavaScript.
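The following is an added example illustrating the kind of input and response handling a playground needs around a user-supplied "@context" URL, whether the fetch is done by a server-side proxy or, as suggested above, client-side. It is not code from the json-ld.org repository or from this pull request; the check list (scheme allowlist, no credentials in the URL, no loopback or private-range hosts, JSON-only handling of the response), the helper names and the fake fetch used for offline testing are all assumptions made for the example.

```javascript
// Added example, not the json-ld.org playground's or this PR's code.
// Validates a user-supplied "@context" URL before it is fetched and treats
// the fetched body strictly as JSON, so an attacker-controlled response is
// never interpolated into the page as markup.

const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// Hosts a server-side proxy must never be pointed at (SSRF hardening).
// The address ranges below are the usual loopback/private/link-local blocks.
function isInternalHost(hostname) {
  const h = hostname.toLowerCase().replace(/^\[|\]$/g, ""); // strip IPv6 brackets
  if (h === "localhost" || h.endsWith(".localhost") || h === "::1") return true;
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(h);
  if (!m) return false; // not an IPv4 literal; DNS names are allowed here
  const a = Number(m[1]);
  const b = Number(m[2]);
  return (
    a === 10 ||                          // 10.0.0.0/8
    a === 127 ||                         // 127.0.0.0/8 loopback
    a === 0 ||                           // 0.0.0.0/8
    (a === 169 && b === 254) ||          // 169.254.0.0/16 link-local, cloud metadata
    (a === 172 && b >= 16 && b <= 31) || // 172.16.0.0/12
    (a === 192 && b === 168)             // 192.168.0.0/16
  );
}

// Returns { ok: true, url } for an acceptable absolute http(s) URL,
// otherwise { ok: false, reason }.
function validateContextUrl(raw) {
  let url;
  try {
    url = new URL(String(raw));
  } catch {
    return { ok: false, reason: "not an absolute URL" };
  }
  if (!ALLOWED_SCHEMES.has(url.protocol)) {
    return { ok: false, reason: "scheme not allowed: " + url.protocol };
  }
  if (url.username || url.password) {
    return { ok: false, reason: "credentials in URL" };
  }
  if (isInternalHost(url.hostname)) {
    return { ok: false, reason: "internal host: " + url.hostname };
  }
  return { ok: true, url: url.href };
}

// Fetches a validated context document and returns only its "@context"
// member as parsed JSON. fetchImpl is injectable so the function can be
// exercised offline with a constructed response.
async function fetchContext(raw, fetchImpl = globalThis.fetch) {
  const v = validateContextUrl(raw);
  if (!v.ok) throw new Error("rejected @context URL: " + v.reason);
  const ctrl = new AbortController();
  const timer = setTimeout(() => ctrl.abort(), 10000); // hypothetical 10 s budget
  try {
    const res = await fetchImpl(v.url, {
      headers: { Accept: "application/ld+json, application/json" },
      signal: ctrl.signal,
      redirect: "follow",
    });
    if (!res.ok) throw new Error("HTTP " + res.status);
    const ct = (res.headers.get("content-type") || "").toLowerCase();
    if (!/json/.test(ct)) throw new Error("unexpected content-type: " + ct);
    const doc = await res.json(); // JSON.parse semantics only, never HTML
    if (doc === null || typeof doc !== "object" || !("@context" in doc)) {
      throw new Error("response has no @context");
    }
    return doc["@context"];
  } finally {
    clearTimeout(timer);
  }
}
```

Used in a browser, `fetchContext` also depends on the remote host sending permissive CORS headers, which is the practical obstacle to moving the fetch fully client-side; used behind a server-side proxy, the `isInternalHost` check matters most, since the proxy, not the browser, is what the URL would otherwise reach.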
@davidlehn This PR addresses a reasonable concern and has been languishing. Could you comment or commit?