<iframe> tag cause open redirect · hackmdio/codimd#959

(2 comments) (0 reactions) (0 assignees)JavaScript (8,949 stars) (1,038 forks)batch import

Hacktoberfesthelp wantedsecurity

説明

If the source website has the script like this:

<script type="text/javascript">
if(window != top) {
    top.location.href = location.href;
}
</script>

It may cause a open redirect issue on codimd. I use www.plurk.com which has anti-clickjacking code to demo.

<iframe src="https://www.plurk.com/k1tten_">

Broswer verison:

Safari 11.0.2: triggered
Firefox Quantum 62.0 : triggered
Chrome 68.0.3440.106: not triggered

技術スタック: javascripthtmlcss
領域: securityfrontend
Issue 種別: security
難度: 3
推定時間: under 1 hour
活動状況: stale
明確さ: clear
前提条件: Content Security PolicyHTTP headers
初心者向け度: 40
調査方針: Investigate where HTTP headers are set in the server code (likely in app.js or server.js). Add a Content Security Policy header with the 'frame ancestors' directive set to 'none' or 'self' to prevent embedding. Also consider adding an X Frame Options header set to 'DENY' for broader browser support. Test the fix by embedding the page in an iframe and verifying no redirect occurs.