- From: Ahmed Elsobky <mreagle0x@gmail.com>
- Date: Fri, 8 May 2015 16:00:28 +0200
- To: Anne van Kesteren <annevk@annevk.nl>
- Cc: WebAppSec WG <public-webappsec@w3.org>
Received on Friday, 8 May 2015 14:00:59 UTC
2015-05-08 7:13 GMT+02:00 Anne van Kesteren <annevk@annevk.nl>:
> >Do you have a test case showing that <script> fires an error event
> >consistently for 4xx or 5xx status codes? I thought it would always
> >try to parse the result as a script and execute it
>
Sure, here is a test case for 500+ status codes:
<script src=http://apps.testinsane.com/rte/status/500/0
onerror="alert('fires onerror')"></script>
And this is a 4xx example:
<script src=http://apps.testinsane.com/rte/status/403/0
onerror="alert('fires onerror')"></script>
It's also worth noting that this has other implications besides user
deanonymization and login detection.