Hi malware fighters,
Malicious javascript is one of the main vectors of malware into the browser. Filtering your javascript code is a must. Save the following file as “flockCode_filter” or as “firefoxCode_filter”, as a JS file inside the browser components folder. I'd like to hear your comments:
window.onload = init;
function init()
{
    var contentDiv = document.getElementById('content');
    final String inputStr = request.getParameter("input");
    final String numericPattern = "^\\d+$";
    if (!inputStr.matches(numericPattern))
    {
        /* invalid input, do something with error */
    }
    /* regular expression that
     * tests for the existence of malicious characters
     * and replaces them with a space. */
    final String filterPattern = "[<>{}\\[\\];\\&]";
    String filteredStr = inputStr.replaceAll(filterPattern, " ");
    # to inline/filter external javascript files you'll need 'abs_uri'
    # my $jsxray = JavaScript::XRay->new(
    #     abs_uri => $abs_url_or_local_file_path
    # );
    # use switches to change filtering behavior
    # $jsxray->switches( only => 'onData' );
    # use inlining to inline/filter external javascript files
    # $jsxray->inline_methods( 'dir1', 'dir2', \&callback, 'HTTP_GET' );
    # filter page
    print $jsxray->filter($html_page);
    anon => 1
    no_exec_count => 1
    $jsxray->inline_methods( @methods );
    $javascript_code = &$code_ref( $src_attr, $abs_uri );
    $jsxray->filter( $html );
}
if ([<>{}\\[\\];\\&])
{
    alert('abs_uri');
}
else
{
    alert('$src_attr, $abs_uri');
}
unless ($useraddress =~ /^([-\@\w.]+)$/) {
    print "Security error.\n";
    exit (1);
}
Enjoy,
polonus
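
The two regular expressions in the post above (the digits-only check and the character filter), written as plain JavaScript and run over a few strings. This is an added example, not part of the original post: the function names and sample inputs are constructed, and the `escapeHtml` helper is an addition the post does not contain, included to show what the character filter leaves untouched.

```javascript
// Patterns taken from the post; everything else is constructed for illustration.
const NUMERIC_PATTERN = /^\d+$/;         // allow-list: the whole value must be digits
const FILTER_PATTERN = /[<>{}\[\];&]/g;  // deny-list: characters replaced with a space

// Allow-list check: reject anything that is not a non-empty run of digits.
function isNumericInput(input) {
  return typeof input === 'string' && NUMERIC_PATTERN.test(input);
}

// Deny-list filter: replace each listed character with a space.
// Quotes, parentheses and '=' are not in the list, so they pass through.
function filterChars(input) {
  return String(input).replace(FILTER_PATTERN, ' ');
}

// Assumption (not in the post): context-aware output encoding for HTML text
// and quoted attribute values, which keeps the data intact instead of
// deleting characters from it.
const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};
function escapeHtml(input) {
  return String(input).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Run all three over constructed sample inputs and collect the results.
function demo() {
  const samples = ['12345', '12a45', '<b>hi</b>', 'say "hi" & \'bye\''];
  return samples.map((s) => ({
    input: s,
    numeric: isNumericInput(s),
    filtered: filterChars(s),
    escaped: escapeHtml(s),
  }));
}

console.log(demo());
```

The allow-list check is the stronger control when the expected value really is numeric; the character filter alters free text and still lets quote characters through, so values written into HTML should be encoded at output time as well.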