Computer Science > Cryptography and Security
[Submitted on 14 May 2020]
Title:DjangoChecker: Applying Extended Taint Tracking and Server Side Parsing for Detection of Context-Sensitive XSS Flaws
View PDFAbstract:Cross-site scripting (XSS) flaws are a class of security flaws that permit the injection of malicious code into a web application. In simple situations, these flaws can be caused by missing input sanitizations. Sometimes, however, all application inputs are sanitized, but the sanitizations are not appropriate for the browser contexts of the sanitized values. Using an incorrect sanitizer can make the application look protected, when it is in fact vulnerable as if no sanitization was used, creating a context-sensitive XSS flaw.
To discover context-sensitive XSS flaws, we introduce DjangoChecker. DjangoChecker combines extended dynamic taint tracking with a model browser for context analysis. We demonstrate the practical application of DjangoChecker on eight mature web applications based on Django, discovering previously unknown flaws in seven of the eight applications, including highly severe flaws that allow arbitrary JavaScript execution in the seven flawed applications.
Submission history
From: Antonin Steinhauser [view email][v1] Thu, 14 May 2020 14:00:56 UTC (92 KB)
References & Citations
Bibliographic and Citation Tools
Bibliographic Explorer (What is the Explorer?)
Litmaps (What is Litmaps?)
scite Smart Citations (What are Smart Citations?)
Code, Data and Media Associated with this Article
CatalyzeX Code Finder for Papers (What is CatalyzeX?)
DagsHub (What is DagsHub?)
Gotit.pub (What is GotitPub?)
Papers with Code (What is Papers with Code?)
ScienceCast (What is ScienceCast?)
Demos
Recommenders and Search Tools
Influence Flower (What are Influence Flowers?)
Connected Papers (What is Connected Papers?)
CORE Recommender (What is CORE?)
arXivLabs: experimental projects with community collaborators
arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.
Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.
Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs.