Security/Reviews/Gaia/costcontrol: Difference between revisions

Line 70: Line 70:
=====Suspicious but OK=====
=====Suspicious but OK=====
     ~/work/code/gaia/apps/costcontrol/js/view_manager.js:111 - panel.innerHTML = panel.childNodes[i].nodeValue;
     ~/work/code/gaia/apps/costcontrol/js/view_manager.js:111 - panel.innerHTML = panel.childNodes[i].nodeValue;
         -inside _loadPanel, which is a function assigned to loadPanel
         -grabbing static HTML defined in a comment block inside index.html
        -loadPanel is used inside changeViewTo
        -loadPanel is passed a 'panel' that is an HTML element in the page fetched by getElementById()
        -it appears if the HTML element panel.childNodes[i].nodeVlaue is malicious, XSS is possible
        -Specifically, changeViewTo('datausage-tab') is called, so if 'datausage-tab'


     ~/work/code/B2G/gaia/apps/costcontrol/js/view_manager.js:138 - var script = document.createElement('script');
     ~/work/code/B2G/gaia/apps/costcontrol/js/view_manager.js:138 - var script = document.createElement('script');
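Review bot: the bullets under view_manager.js:111 leave the finding unresolved for an entry filed under "Suspicious but OK". One bullet says XSS is possible if the node value is malicious, and the last bullet stops mid-sentence at "so if 'datausage-tab'". Either finish that sentence or drop it, and put the conclusion next to the risk, for example that the value assigned to panel.innerHTML is the static HTML from the comment block inside index.html, as the "grabbing static HTML defined in a comment block inside index.html" bullet states. "nodeVlaue" should read "nodeValue". The view_manager.js:138 entry (document.createElement('script')) carries no explanation in the lines visible here; a one-line note on where the script source comes from would make the "OK" verdict checkable.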