XSS-Reflected critical error detected by Fority, as follows:
- JSP Page1 transmits some parameters to JSP page2, then page2 displays these parameters by <%=para1%> method. However, Forfity will detect some XSS Reflected critical errors
Example:
- <a href="logmgt.jsp?orderName=<%=orderName%>&cateName=<%=cateName%>">Go to Another Page</a>
where, orderName and cateName come from Pasge1
References:
- http://knowledge.twisc.ntust.edu.tw/doku.php?id=3%E4%BC%BA%E6%9C%8D%E7%AB%AF%E5%AE%89%E5%85%A8:3-2%E6%87%89%E7%94%A8%E7%A8%8B%E5%BC%8F%E5%BC%B1%E9%BB%9E:%E8%B7%A8%E7%B6%B2%E7%AB%99%E8%85%B3%E6%9C%AC%E6%94%BB%E6%93%8A
- http://itschool.dgbas.gov.tw/blog/post.do?bid=5&pid=79
- Recommendations from above references: Using the structured output mechanism (such as <bean:write ……> or JSTL(<c:outvalue=”……”/>) instead of using (<%=……%>)
Hence, the above source code can be recoded, as follows:
<a href="logmgt.jsp?orderName=<%c:out value="${param.orderName}"/>&cateName=<c:out value="${param.cateName}"/>">Go to Another Page</a>
Difference:
<%=orderName%> ------- <%c:out value="${param.orderName}"/>
where, the orderName can be save into request.setAttribute("orderName",request.getParameter("orderName"))
Finally, all the XSS-Reflected errors have been solved by JSTL tag.
How to use JSTL:
1. Download the required jar files (jstl-impl-1.2.jar, jstl-api-1.2.jar) from http://jstl.java.net/download.html
2. Put these jar files into WEB-INF/lib folder
3. To define the tag (<%c/> ), you should add this line (<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core_rt" %>) in the top of your page
No comments:
Post a Comment