
How to execute Javascript inside jQuery selector

I have a code like this:

$('.' + InjectionPoint).removeClass('classname');

where InjectionPoint is the part controlled by the end user. Apparently this code is vulnerable to DOM XSS, but is it really exploitable? And what would an attack vector look like?

Thanks

On what are you basing your belief that "this code is vulnerable to DOM XSS"?

Based on this answer, that was true in older versions of jQuery, but not any version later than 1.6.3: https://stackoverflow.com/a/11170073/877682

This is definitely subject to XSS. Check out this article which describes how an attacker might go about it: https://ttmm.io/tech/jquery-xss/

Basically, the author recommends that you use document.querySelectorAll() instead of the jQuery selector function. Someone commented that this is a non-issue for jQuery 1.7 and above but don't quote me on that.

In general, it's never ever a good idea to trust what your users give you.
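One way to apply the advice in the answer above, shown as an added example that is not part of the original posts: accept only a plain class token from the user, then select with the native querySelectorAll() instead of passing a concatenated string to $(). The function names, the 64-character limit and the allowlist pattern are assumptions made for this sketch.

```javascript
// Added example (not from the original posts).
// Allowlist for a user-supplied class name: letters, digits, '_' and '-',
// not starting with a digit. Anything else (spaces, commas, '<', '>', quotes,
// brackets) is rejected, so the value can only ever mean "one class".
// Assumption: class names in the application fit this pattern.
const CLASS_TOKEN = /^-?[A-Za-z_][A-Za-z0-9_-]*$/;
const MAX_CLASS_LENGTH = 64; // arbitrary limit chosen for the example

// Returns ".<class>" for an acceptable value, or null if it must be refused.
function toClassSelector(userValue) {
  if (typeof userValue !== 'string') return null;
  if (userValue.length === 0 || userValue.length > MAX_CLASS_LENGTH) return null;
  if (!CLASS_TOKEN.test(userValue)) return null;
  return '.' + userValue;
}

// Removes `className` from every element under `root` that carries the
// user-selected class. `root` is anything with querySelectorAll(), normally
// `document`. querySelectorAll() only parses selectors; it never builds
// elements from its argument. Returns the number of elements changed.
function removeClassFrom(root, userValue, className) {
  const selector = toClassSelector(userValue);
  if (selector === null) return 0; // refuse instead of trying to "clean" input
  let changed = 0;
  for (const el of root.querySelectorAll(selector)) {
    if (el.classList.contains(className)) {
      el.classList.remove(className);
      changed += 1;
    }
  }
  return changed;
}

// Browser usage, replacing the line from the question:
//   removeClassFrom(document, InjectionPoint, 'classname');
```

Rejecting the value outright keeps the check easy to audit; values that must contain other characters would need CSS.escape() in the browser rather than a wider pattern.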
