diff options
author | hackademix | 2020-02-29 19:41:17 +0100 |
---|---|---|
committer | hackademix | 2020-02-29 19:43:17 +0100 |
commit | fad07d98d60ef04d4bb0442102bc0d80063d13ba (patch) | |
tree | 22374a666da345186a938bbbc468ec62d3781e46 | |
parent | 8e90f2a8fe61b543a0ee58a1fc8abbb51196f761 (diff) | |
download | noscript-fad07d98d60ef04d4bb0442102bc0d80063d13ba.tar.gz noscript-fad07d98d60ef04d4bb0442102bc0d80063d13ba.tar.xz noscript-fad07d98d60ef04d4bb0442102bc0d80063d13ba.zip |
[XSS] More accurate base64 checks on hash.
-rw-r--r-- | src/xss/InjectionChecker.js | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/src/xss/InjectionChecker.js b/src/xss/InjectionChecker.js index a309891..b066515 100644 --- a/src/xss/InjectionChecker.js +++ b/src/xss/InjectionChecker.js @@ -890,14 +890,14 @@ XSS.InjectionChecker = (async () => { async checkBase64(url) { this.base64 = false; - this.log(url); - - - var parts = url.split("#"); // check hash - if (parts.length > 1 && await this.checkBase64FragEx(unescape(parts[1]))) - return true; + let hashPos = url.indexOf("#"); + if (hashPos !== -1) { + if (await this.checkBase64FragEx(unescape(url.substring(hashPos + 1)))) + return true; + url = url.substring(0, hashPos); + } - parts = parts[0].split(/[&;]/); // check query string + let parts = url.substring(0, hashPos).split(/[&;]/); // check query string for (let p of parts) { var pos = p.indexOf("="); if (pos > -1) p = p.substring(pos + 1); |