CAPEC-CAPEC-86 - CERT CVE

Naziv	XSS Through HTTP Headers
Sažetak	An adversary exploits web applications that generate web content, such as links in a HTML page, based on unvalidated or improperly validated data submitted by other actors. XSS in HTTP Headers attacks target the HTTP headers which are hidden from most users and may not be validated by web applications.
Preduvjeti	Target software must be a client that allows scripting communication from remote hosts.
Rješenja	['Design: Use browser technologies that do not allow client side scripting.', 'Design: Utilize strict type, character, and encoding enforcement', "Design: Server side developers should not proxy content via XHR or other means, if a http proxy for remote content is setup on the server side, the client's browser has no way of discerning where the data is originating from.", 'Implementation: Ensure all content that is delivered to client is sanitized against an acceptable content specification.', 'Implementation: Perform input validation for all remote content.', 'Implementation: Perform output validation for all remote content.', 'Implementation: Disable scripting languages such as JavaScript in browser', 'Implementation: Session tokens for specific host', 'Implementation: Patching software. There are many attack vectors for XSS on the client side and the server side. Many vulnerabilities are fixed in service packs for browser, web servers, and plug in technologies, staying current on patch release that deal with XSS countermeasures mitigates this.']

XSS Through HTTP Headers