I'm testing my current site for XSS vulnerabilities, and I came across this one on:
http://ha.ckers.org/xss.html

----------------------------
IMG Embedded commands part II - this is more scary because there are absolutely no identifiers that make it look suspicious other than it is not hosted on your own domain. The vector uses a 302 or 304 (others work too) to redirect the image back to a command. So a normal <IMG SRC="http://badguy.com/a.jpg"> could actually be an attack vector to run commands as the user who views the image link. Here is the .htaccess (under Apache) line to accomplish the vector
----------------------------

Now this is an interesting one...

How would you avoid this? Only take parameters from the POST data? Any other ideas?

Clint
________________________________________________________________________
Clinton Gormley [EMAIL PROTECTED]
www.TravelJury.com - For travellers, By travellers
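
One server-side way to handle the question above, as an added example that is not part of the original post: URLs that run a command refuse GET (the method an image fetch uses after the redirect) and also require a per-session token that only the site's own forms contain. The paths, key, session id and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed values for the example; a real key would come from server config.
SERVER_KEY = b"constructed-example-key"
STATE_CHANGING = {"/account/delete", "/profile/update"}  # hypothetical paths


def issue_token(session_id: str) -> str:
    """Token tied to the session; embedded in the site's own forms."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def authorize(method: str, path: str, session_id: str, form: dict) -> tuple:
    """Decide whether a request may run a command. Returns (allowed, reason)."""
    if path not in STATE_CHANGING:
        return True, "read-only"
    # An <IMG> fetch that follows a 302 arrives as GET, with the user's cookies.
    if method != "POST":
        return False, "state change requires POST"
    # The session cookie alone proves nothing: the browser attaches it to any
    # request, so also demand a value that only our own pages can contain.
    supplied = form.get("csrf_token", "").encode()
    if not hmac.compare_digest(supplied, issue_token(session_id).encode()):
        return False, "missing or invalid token"
    return True, "ok"


def demo() -> list:
    sid = "sess-1234"  # constructed session id
    requests = [
        # Browser following the image redirect: GET, cookie sent, no form body.
        ("GET", "/account/delete", sid, {}),
        # POST that carries the session but not a valid token.
        ("POST", "/account/delete", sid, {"csrf_token": "guess"}),
        # Form rendered by the site itself.
        ("POST", "/account/delete", sid, {"csrf_token": issue_token(sid)}),
        # Ordinary page view.
        ("GET", "/index", sid, {}),
    ]
    return [authorize(*r) for r in requests]


if __name__ == "__main__":
    for result in demo():
        print(result)
```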