Martin Zvarík schreef:
> What's the point?
>
> If user puts in a search input something like <script>alert('I am super
> hacker');</script>
>
> And the website outputs:
> You are searching for: <script>....</script>
>
> then what? it shows an alert(), who cares?
replace the alert() with some code that passes the cookie to a hacker controlled
domain. now create a URL that includes the given javascript:
echo 'http://mzvarik.com/foo?somevar='.urlencode('<script
type="text/javascript">/*evil code here*/</script>');
send url to unsuspecting users of your site. anyone know clicks the URL
has just had their cookies hijacked.
still don't mind?
> I, as an owner of this website, don't mind AT ALL.
>
> Aha, forget to mention the XSS on MySQL or inside comments right? Isn't
> mysql_real_escape_string(), strip_tags() enough?
>
> Martin
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
