Questions tagged [javascript]
The common name for the language used primarily for scripting in web browsers. It is not related to the Java language. Standardized as ECMAScript, its dialects/implementations include JavaScript and JScript.
1,372 questions
5 votes, 1 answer, 1k views
Storing a session token in localstorage
I've heard the discussion many times of whether storing credentials or other sensitive info in localStorage or document.cookie is more secure. But I'm currently building a platform and I was wondering,...
1 vote, 1 answer, 183 views
JavaScript Control Over New Tab and SOP Behavior
I’d like to ask for some advice regarding controlling a newly opened browser tab using JavaScript.
Here’s the situation: I have my own website hosted at my.site.com, which includes a link to a ...
0 votes, 1 answer, 367 views
How to securely load user generated Javascript code from IFrame into my website?
Before I start, I have found a few related references to this question, but they are not answered previously or are about a slightly different scenario to mine.
I have the following need. I need a way ...
2 votes, 1 answer, 424 views
How to create a PDF payload?
Several questions here "hint" at PDF capabilities (executing js code, exfiltrating/probing network, etc)
But if I want to create one PDF that will trigger my internal phishing test url, how ...
4 votes, 1 answer, 3k views
Is it safe to use Internet Archive following its cyber-attack?
This is a follow-up to a question regarding recent Internet Archive hacking.
Website web.archive.org was restored in a readonly mode but is it safe to use it? Looking at the brief disclosure of the ...
4 votes, 2 answers, 4k views
Why should an attacker perform a clickjacking attack when they can simulate the click with JavaScript?
What's the reason why an attacker should choose to perform a clickjacking attack?
If they create a malicious website, they could just perform the action automatically, they don't need to "trick...
0 votes, 1 answer, 306 views
Predicting math.random after math.floor
I know math.random() in javascript can be predicted if you know the exact outputs of it, but if I only know what it gives after doing math.floor(100 / (1.0001 - Math.random())), how would I use this ...
1 vote, 0 answers, 120 views
How to launch XSS code from an INPUT tag?
I have a website with the following code:
<input class="Header--search--form-input" name="search" value="" onfocus="alert(1)" autofocus="...
5 votes, 1 answer, 2k views
What is the term for when a hyperlink maliciously opens different URL from URL displayed when hovered over?
Is there a term for when an anchor tag opens a different URL than its href or performs some action such as showing a pop-up instead of opening expected URL?
Excluding non-malicious cases such as a ...
4 votes, 1 answer, 327 views
How can I identify open-source JavaScript libraries within minified code?
These days, most websites minify & concatenate their code.
Are there techniques to identify open-source libraries within minified, concatenated code?
I'm mostly interested so I can focus analysis ...
0 votes, 0 answers, 68 views
Do MS Word and Adobe Elf/Acrobat block javascripts from running?
I opened a pdf yesterday and found out it contained javascripts (that could possibly be malicious). I wanted to know if the javascripts would trigger if I opened it in Word "protected view" ...
1 vote, 0 answers, 102 views
Overcoming Cookie Theft Barrier in XSS Attack despite CSP Implementation
I have a website that includes CSP rules:
.use(
helmet.contentSecurityPolicy({
directives: {
defaultSrc: ["'self'"],
scriptSrc: [
"'self'",
"cdnjs....
5 votes, 1 answer, 948 views
What are the reasons for CORS failure errors to not be available to JS?
From Cross-Origin Resource Sharing (CORS) - HTTP | MDN:
CORS failures result in errors but for security reasons, specifics about the error are not available to JavaScript. All the code knows is that ...
2 votes, 1 answer, 864 views
Secure way to output encoding HTML for insert raw html via javascript
I want to be 100% secure, I create raw html this way:
const template = document.createElement('template')
template.innerHTML = html_raw
const cloned = template.content.cloneNode(true)
document....
0 votes, 1 answer, 796 views
is <script>javascript:alert(document.domain); a valid script for xss?
I have submitted the following text <script>javascript:alert(document.domain); in a feedback of a restaurant listed on a website and feedback is sent to website not restaurant.
I want to verify but ...
1 vote, 0 answers, 184 views
Can an embedded 3rd party JS script access or keystroke log an iFrame's content
Say there is a web page with two 3rd party javascript URL scripts embedded in it. One creates a support chat window and the other creates an iFrame within which a user enters payment information into ...
1 vote, 1 answer, 178 views
Is it safe to store the OIDC token in a private field of a javascript object?
I would like to initialise a React application with an OIDC token.
This token will be stored in a private field of the "api client" object. This object will be used to execute API calls and ...
1 vote, 1 answer, 192 views
Is this a type of XSS attack?
I have been exploring customer support in a website as part of bug bounty program.
I then started a chat with their customer support and pasted the following in the box:
<!--<img src="-->...
1 vote, 1 answer, 260 views
Timing Attack using bcrypt.js
I am using bcrypt.js for basic login. I have found that the below code runs noticeably quicker when no user is found, since it exits immediately, and no check is done on the hash. This could give an ...
1 vote, 0 answers, 192 views
What's an example of a good uninjection in Node.js? (mySQL)
I'm hosting a simple MariaDB/mySQL server on my Raspberry Pi. I would like to know whether or not this code is secure enough to reject an injection attempt made by login/signup, etc.
function ...
0 votes, 1 answer, 211 views
Certificate structure for accessing a local device from a web app
I have a pretty standard web app (react client, node server), https-enabled.
I want to add the ability for the web app to access a device on the local LAN. The device has REST APIs and I can install ...
3 votes, 1 answer, 23k views
Where to store JWT refresh tokens
Where to store JWT refresh tokens? My idea was to encrypt the refresh token with crypto-js AES and salt, keeping it in an environment variable (.env). Then, the refresh token would be stored in either ...
1 vote, 0 answers, 158 views
Is there a way to prevent/detect DOM Clobbering in the browser?
It is possible to clobber document attributes, e.g.:
<img name="cookie">
...
typeof(document.cookie)
//=> 'object'
Is there any way to prevent this from happening, access the ...
2 votes, 1 answer, 2k views
Why don't Internet browsers allow me to fetch a JSON file from raw.githubusercontent.com, but they allow me to fetch .psm files from there?
When I was making my PicoBlaze Simulator in JavaScript, I added 6 examples of how to use it. Those examples are on my GitHub profile, they are the .psm (PicoBlaze Assembly) files. I decided not to ...
0 votes, 1 answer, 298 views
What is the best way to validate third-party domains calling an API?
Our business is in the payment processing space and one of our core products is a Payment Gateway API. In terms of security we issue an API Key, Signature and RSA Encryption for sensitive information ...