• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

View
 

Script Mapping

This version was saved 15 years, 6 months ago View current version     Page history
Saved by Romain Gaucher
on March 12, 2009 at 3:50:12 pm
 

The purpose of the WASC Script Mapping Project is to come up with an exhaustive list of vectors to cause a script to be executed within a web page without the use of <script> tags. This data can be useful when testing poorly implemented Cross-site Scripting blacklist filters, for those wishing to build an html white list system, as well as other uses.

 

Originally this project was scoped to check the W3C tags and event attribute combinations to identify which events can be fired in a given tag. After community discussion we extended the project to test for and map the different ways script can be executed by a browser without the use of the script tag. This will be identified via a combination of custom automated test suites and manual review when applicable. 

 

Releases

For each release, we need verification. If you think one result is not accurate or just wrong, you can review the associated test case and send back your comments. 

 

Timeline

To make the data more manageable we will be publishing our results in different phases.

 

HTML/XHTML event attributes

 

Script engine calls

  • JavaScript (ex, href="/javscript:alert("foo')")

  • VBScript

 

Cascading Style Sheets 

  • W3C (ref 1,2,3)

  • Gecko 

  • WebKit 

 

 

Comments (0)

You don't have permission to comment on this page.