1st is, whether executing javascript on clients browser context in http req. is permissible.
>>>>>> we don't have any control to implement policy to restrict developers >>>>>> using such feature. 2nd as yahoo is one of the most visted sit, how can avoid cjances of false postive, and is there any way to harden this signature. >>>>>>IDS detection is most effective only when it is configured properly and >>>>>>signatures are specific to attack. Generic signatures are only good to identify unknown attacks,Provided you have good logging capability. but problem is false positives. My would suggest is to find some vulnerable file path + XXS pattern to be more effective. ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
