Proxomitron Filters - Discussions welcome => Security => Topic started by: hpguru on April 17, 2002, 09:22:48 AM
Title: Using the backbutton in IE is dangerous
Post by: hpguru on April 17, 2002, 09:22:48 AM
Here's the story:
http://online.securityfocus.com/archive/1/267561
Sample exploit:
http://www.eg.bucknell.edu/~ekrout/IE_Hack.html
And this will fix it.
Name = "Kill Javascript Link Popups & Exploits"
Active = TRUE
Bounds = "$NEST(<a,</a>)"
Limit = 256
Match = "*href="javascript:*"*"
Replace = "<div style="font-family: Arial; font-weight: bold;"
          "font-size: smaller; color: red; text-decoration: underline;">"
          "Possible JS Protocol Exploit Link Removed."
          "</div>"
You may want to tweak this to meet your own needs since this will replace all JS links.
Title: Using the backbutton in IE is dangerous
Post by: hpguru on April 20, 2002, 11:23:12 PM
Here's an improved filter. Rather than replacing the link it gives a "Heads up!".
Name = "Warn on JS Links"
Active = TRUE
Bounds = "$NEST(<a*>, ,</a>)"
Limit = 256
Match = "*\shref=($AV(javascript:*))\1*"
Replace = "<a href=\1>!JS LINK! - </a>"
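Added example, not part of the original posts and not Proxomitron code: the same "is this a javascript: link?" check done in Python on parsed, entity-decoded href values, so that differences in case, padding or character references do not hide the scheme from the match. The names is_js_href, JsLinkFinder and find_js_links and the sample page are assumptions made for this illustration.

```python
import re
from html.parser import HTMLParser

# URL parsing discards ASCII tab/CR/LF anywhere and leading C0 controls/spaces,
# so remove them before looking at the scheme.
TAB_NEWLINE = re.compile(r"[\t\r\n]")
LEADING_JUNK = "".join(chr(c) for c in range(0x21))

def is_js_href(value):
    """True if an entity-decoded href value uses the javascript: scheme."""
    if value is None:  # <a href> with no value
        return False
    cleaned = TAB_NEWLINE.sub("", value).lstrip(LEADING_JUNK)
    return cleaned.lower().startswith("javascript:")

class JsLinkFinder(HTMLParser):
    """Collects (line, href) for every <a> whose href is a javascript: URL."""
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag/attribute names and decodes character
        # references in attribute values before calling this method.
        if tag != "a":
            return
        for name, value in attrs:
            if name == "href" and is_js_href(value):
                self.hits.append((self.getpos()[0], value))

def find_js_links(html_text):
    finder = JsLinkFinder()
    finder.feed(html_text)
    finder.close()
    return finder.hits

# Constructed sample page (not from the thread); every script body is a no-op.
SAMPLE = """<p><a href="http://example.com/">ok</a>
<a HREF="JavaScript:void(0)">one</a>
<a href=" &#106;avascript:void(0)">two</a>
<a href="java&#9;script:void(0)">three</a>
<a href="/docs/javascript:intro">path, not scheme</a></p>"""

if __name__ == "__main__":
    for line, href in find_js_links(SAMPLE):
        print(f"line {line}: javascript: link {href!r}")
```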
Title: Using the backbutton in IE is dangerous
Post by: pooms on April 23, 2002, 02:44:53 AM
Rather than actually modifying javascript links (because it tends to screw up page layouts, such as on this forum!), I'm just using the "Change Link Style" filters described on this thread: http://asp.flaaten.dk/pforum/topic.asp?ARCHIVE=&TOPIC_ID=452 with this javascript hover style:
a.javascript:hover{text-decoration : none; border: thin dashed blue;}
That way the style change when I move the mouse over the javascript link catches my attention before I click the link. The good thing about this is that it only affects layout in a minor way, although it puts the onus on me to not click the link!