Thursday, 26 May 2011

Chrome 11 Anti-XSS ByPass

When a string that can execute JavaScript is injected, such as onerror="alert();"/>, Google Chrome fixes the source code at runtime, replacing the original string with the following,
, so the injected JavaScript code is lost and it is not possible to execute any attack.

Chrome also has a function to fix or rewrite HTML
