Securely Inserting User Generated Content and JSON Into Templates

A Cocktail Approach

Created by Amira Anuar

Securely? Why?

    "Browsers are extremely finicky beasts." - pmp

Disclaimer

    insert image/note here related to this being a smorgasbord of various things and that I am not an expert

Different Browser Contexts

  • HTML Body -- <body>${ text }</body>
  • Element Attribute -- <a href="" onclick="{...}"/>
  • Links With JS -- <a href="javascript:alert(1)">
  • JS String Literal -- <script>var x='${foo}'</script>
  • JSON Body Responses
  • E-mail addresses
  • URLs
  • So on...
  • How?
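An added example (not from the slides) of the "cocktail": one encoder per browser context listed above, written in JavaScript so it runs in Node or a browser. The function names, the scheme allowlist and the renderProfile template are my own choices for illustration; the point is that the same untrusted string needs a different treatment depending on whether it lands in HTML text, an attribute, an href, a JS string literal or a JSON blob inside <script>.

```javascript
// Added example: context-specific output encoding for untrusted input.
// Helper names are illustrative, not from any particular library.

// 1. HTML body text: <body>${text}</body>
//    Escape the five characters that can start markup or end a quoted value.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
function escapeHtml(str) {
  return String(str).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// 2. Element attribute value: <a title="${text}">
//    Always quote the attribute in the template, and turn every character outside
//    [A-Za-z0-9] into a numeric entity so nothing can close the quote or add an
//    event handler. The 'u' flag makes the regex step over whole code points.
function escapeAttr(str) {
  return String(str).replace(/[^A-Za-z0-9]/gu,
    (ch) => `&#x${ch.codePointAt(0).toString(16)};`);
}

// 3. URL / href context: <a href="${url}">
//    No amount of escaping makes "javascript:" safe here; the fix is an allowlist
//    of schemes. The WHATWG URL parser normalises case and strips leading
//    whitespace, so checks on url.protocol are not fooled by " JavaScript:".
//    Only absolute URLs are accepted in this version; anything else becomes "#".
const SAFE_SCHEMES = new Set(['http:', 'https:', 'mailto:']);
function safeHref(candidate) {
  let url;
  try {
    url = new URL(String(candidate));
  } catch {
    return '#'; // unparsable (including relative) input is replaced, not passed through
  }
  return SAFE_SCHEMES.has(url.protocol) ? url.href : '#';
}

// 4. JSON body inside <script>: JSON.stringify alone is not enough, because a
//    string value containing "</script>" ends the script block early. Escaping
//    <, >, & as \uXXXX keeps the text valid JSON and valid JS; U+2028/U+2029 are
//    escaped because older JS engines treated them as line terminators.
function jsonForScript(value) {
  return JSON.stringify(value)
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// 5. JS string literal: <script>var x=${...}</script>
//    Rather than hand-escaping quotes inside '${foo}', emit a complete JSON string
//    (a valid JS literal, quotes included) and drop the quotes from the template.
function jsStringLiteral(str) {
  return jsonForScript(String(str));
}

// Putting the cocktail together: each slot uses the encoder for its context.
function renderProfile(user) {
  return [
    `<p>${escapeHtml(user.name)}</p>`,
    `<a href="${escapeAttr(safeHref(user.site))}" title="${escapeAttr(user.name)}">site</a>`,
    `<script>var name=${jsStringLiteral(user.name)}; var profile=${jsonForScript(user)};</script>`,
  ].join('\n');
}
```

escapeAttr over a URL produces a long run of entities, which the browser decodes back to the original href; that is fine for correctness, and the scheme check in safeHref runs before the attribute encoding so the two layers do not interfere.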