Hi Michael,

The XSS plugins should not false positive in that situation. I submitted a patch that adds a "bodyonly" parameter to http_keepalive_recv_body, and all XSS plugins should set this to 1.

Regarding what should happen with redirects: I think they're just like external links and should be handled by webmirror.nasl, i.e. if the link is on the same domain name it is examined; if it is external it is ignored.

Regards,

Paul

Michael Scheidell wrote:

>how should redirects be handled in http* plugins?
>
>as an example, ALL of the XSS plugins will false positive if a web site does a blanket redirect (301 or 302) since the 'script' it is looking for will be in the Location header.
>
>should nessus (nasl):
>A) FOLLOW THE REDIRECT and 'attack' the site that it's redirecting to (BAD FORM! might redirect to www.fbi.gov!)
>
>B) do something similar to 'no404.html' (i.e. "yes30x.html")? and report it?
>
>C) edit the http_keepalive.inc to consider a 301 and 302 as a 404?
>
>(I have a private site that you can try postnuke_reviews_xss.nasl on, which I can send in email)

-- 
Paul Johnston
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street, Manchester, M1 5LN
England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: paul@private
web: www.westpoint.ltd.uk
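The false positive discussed in this thread, and the body-only matching proposed as the fix, sketched in Python as an added example. This is not NASL and not the Nessus code; the function names, the marker string and the sample response are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed stand-in for the string an XSS check sends and then looks for.
MARKER = "<script>x</script>"

# Constructed 302 response: the marker is echoed only in the Location header.
SAMPLE_REDIRECT = (
    b"HTTP/1.1 302 Found\r\n"
    b"Location: http://other.example/?q=<script>x</script>\r\n"
    b"Content-Length: 0\r\n\r\n"
)

def split_response(raw: bytes):
    """Split a raw HTTP response into (status code, headers dict, body text)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body.decode("latin-1")

def naive_match(raw: bytes, marker: str = MARKER) -> bool:
    """Search headers and body together: flags a redirect that echoes the marker."""
    return marker.encode("latin-1") in raw

def body_only_match(raw: bytes, marker: str = MARKER) -> bool:
    """Search only the body, the effect of a body-only receive."""
    return marker in split_response(raw)[2]

def redirect_scope(raw: bytes, scanned_host: str):
    """Return 'same-host' or 'external' for a 301/302, or None otherwise."""
    status, headers, _ = split_response(raw)
    if status not in (301, 302):
        return None
    target = urlsplit(headers.get("location", "")).hostname
    # A relative Location has no host and therefore stays on the scanned host.
    if target is None or target == scanned_host.lower():
        return "same-host"
    return "external"

if __name__ == "__main__":
    print("naive:", naive_match(SAMPLE_REDIRECT))
    print("body only:", body_only_match(SAMPLE_REDIRECT))
    print("scope:", redirect_scope(SAMPLE_REDIRECT, "scanned.example"))
```
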
This archive was generated by hypermail 2.1.3 : Mon Sep 13 2004 - 02:11:40 PDT