

Script Mapping

Last edited by Daniel Herrera 12 years, 1 month ago



The purpose of the WASC Script Mapping Project is to create a comprehensive list of unique vectors that trigger the invocation of the JavaScript run-time, resulting in JavaScript content being evaluated and executed.


This list should include the following:


     - Element references (<script>)

     - HTML/XHTML DOM Events (onmousemove , onload)

     - Protocol declarations (javascript: , data:)


We feel this reference will prove useful for comprehensive testing of currently implemented data validation solutions such as whitelists, blacklists or WAFs; for those wishing to build custom data validation systems that handle HTML/XHTML/XML content; and for other uses.
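A small checker for the three vector classes listed above, usable for testing the output of a data validation filter. This is an added example, not part of the WASC project's test suite; the names `VectorMapper`, `map_vectors`, `URL_ATTRS` and the sample markup are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# URL-bearing attributes to inspect (assumed subset, not the project's list).
URL_ATTRS = {"href", "src", "action", "formaction", "data", "poster", "background"}
SCRIPT_SCHEMES = ("javascript:", "data:")  # the protocol declarations named on this page


def normalize_scheme(value):
    """Lowercase and drop whitespace/control characters before comparing the scheme.
    Conservative: strips more than a browser would, so it may over-report."""
    return re.sub(r"[\x00-\x20]+", "", value).lower()


class VectorMapper(HTMLParser):
    """Records (category, tag, detail) for every script-execution vector seen."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases names and decodes character references in values.
        if tag == "script":
            self.findings.append(("element", tag, None))
        for name, value in attrs:
            if name.startswith("on"):            # DOM event handler attribute
                self.findings.append(("event", tag, name))
            elif value and name in URL_ATTRS:    # protocol declaration in a URL
                scheme = normalize_scheme(value)
                for s in SCRIPT_SCHEMES:         # data: is flagged for any media type
                    if scheme.startswith(s):
                        self.findings.append(("protocol", tag, f"{name}={s}"))


def map_vectors(html):
    mapper = VectorMapper()
    mapper.feed(html)
    mapper.close()
    return mapper.findings


# Constructed sample: markup as it might look after a filter has run.
SAMPLE = ('<p onmousemove="track()">hi</p><a href="javascript:alert(1)">x</a>'
          '<a href=" JavaScript:void(0)">y</a>'
          '<img src="data:text/javascript;base64,YWxlcnQoMSk7">'
          '<body onload="init()"><script>init()</script>'
          '<a href="https://example.org/">ok</a>')

if __name__ == "__main__":
    for finding in map_vectors(SAMPLE):
        print(finding)
```

Any finding reported for markup that has already passed through a whitelist, blacklist or WAF marks a vector the filter let through.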


Originally this project was scoped to check the W3C tags and event attribute combinations to identify which events can be fired in a given tag. After community discussion we extended the project to test for and map the different ways script can be executed by a browser. These will be identified via a combination of custom automated test suites and manual review when applicable. Our long-term goal is to completely automate the testing, update, and maintenance of this reference.


Project Status: Version 0.2 is underway... (Always seeking contributors, drop me an email if you are interested in this project.)


Project Leader(s): Daniel Herrera <daherrera101@yahoo.com>, Romain Gaucher <rgaucher@cigital.com>


Project contributors:


     - Robert Auger (WASC)

     - Kurt Grutzmacher

     - Roel Bollens

     - Joren McReynolds

     - Thor Larholm

     - Moritz Naumann (Naumann IT Consulting & Services)

     - Stefano Di Paola (Mind Security)

     - Susam Pal




For each release, we need verification. If you think one result is not accurate or just wrong, you can review the associated test case and send back your comments. 


Version 0.1


     W3C Event Handlers: Firefox2, IE7, Safari3 (Nov. 26, 2007) (Download); Test Cases (Download)





To make the data more manageable we will be publishing our results in different phases. Please stay tuned for additional details regarding the release phases and an associated time line.


Version 0.2


     HTML/XHTML DOM events


Version 0.3


     Protocol References

  • JavaScript (ex: href=javascript:alert(1))

  • Data (ex: src=data:text/javascript;base64,YWxlcnQoMSk7)


     Cascading Style Sheets

  • W3C (ref 1,2,3)

  • Gecko 

  • WebKit 



Comments (1)

Daniel Herrera said

at 3:18 pm on Nov 2, 2011


I had a few people contact me regarding the broken images in the v0.1 release.

This occurred when we migrated to this wiki; the original release contained relative paths for the image references.

To correct this in the current release, and all future releases, the icon images are now self-contained with the <img> tags as base64-encoded strings. The modified release has been uploaded and all related references have been pointed to the new modified version.

You should now be able to view/download v0.1 without any issues. Please email me if you experience anything to the contrary.


