Difference between revisions of "MediaWiki"

From Nick Jenkins
Jump to: navigation, search
(Definition of Security Aspects)
m (Reverted edits by 202.132.11.76 (Talk) to last version by 218.207.138.74)
Line 19: Line 19:
 
perfect design thanks <a href=" kides sex ">preteen little lolitas</a>  rshyon
 
perfect design thanks <a href=" kides sex ">preteen little lolitas</a>  rshyon
  
good material thanks <a href=" Videos ">Sexyamateurshots</a> lhjhqk
+
==Definition of Security Aspects==
 +
 
 +
For the above table, "security aspect" is defined as anything that causes the start of a tag to be missing, or the end to be missing, or attributes of any type that should not be there to be injected. For example:
 +
* ''&lt;p&gt;&lt;td&gt;&lt;s&gt;&lt;/p&gt;'' would '''not''' be considered to have a security aspect because all the tags are appearing ok (are not malformed), although it is invalid HTML.
 +
* ''<nowiki>&lt;a href="http://as&lt;td&gt;&lt;/td&gt;&lt;td class="external free"&gt;&lt;p&gt;user text here</nowiki>'' would be considered to have a security aspect because the "href" string is not properly terminated, and so the "external free" part is injected as attributes.
 +
* A string missing the start of a tag would also be considered to have a security aspect - e.g. ''<nowiki>&lt;th&gt;|||||" class="external free" title="https://||||||" rel="nofollow"&gt;https://&lt;/th&gt;</nowiki>'' - because the ''&lt;a href="xxx'' part has been cut off. Probably not exploitable - but certainly a worse category of bug than just getting tags in the wrong order.
 +
So to sum up: if tags are just in the wrong order, but are otherwise complete and well-formed, then it is not a security issue; otherwise it is considered to potentially be, and is listed as "Yes" in the above table.

Revision as of 00:49, 2 October 2008

Hello visitor! If you found this page, then you probably wanted something else. Here are links to what you're probably looking for:

Now back to your regularly scheduled programming....


Various MediaWiki 1.7.1 and extension parser tests, that fail HTML validation and/or have potential security issues. There is a MediaWiki bug report covering this. Some were found by hand, but most of these were found by fuzz testing of MediaWiki, using a modified PHP port of the Python port of mangleme. The original source code is available, although the version now in the MediaWiki trunk is much more current. Lastly, all the MediaWiki tests listed below are released into the public domain, and as such you're welcome to incorporate them into any software you like, under any license you like.

Very interesting tale <a href=" Pthc ">Loli Hc Bbs</a> 705847

Hello good day <a href=" indonesian lolitas ">little

</a> 512

I love this site <a href=" Smythe Porn Star ">Redporn</a> pvww

perfect design thanks <a href=" kides sex ">preteen little lolitas</a> rshyon

Definition of Security Aspects

For the above table, "security aspect" is defined as anything that causes the start of a tag to be missing, or the end to be missing, or attributes of any type that should not be there to be injected. For example:

  • <p><td><s></p> would not be considered to have a security aspect because all the tags are appearing ok (are not malformed), although it is invalid HTML.
  • <a href="http://as<td></td><td class="external free"><p>user text here would be considered to have a security aspect because the "href" string is not properly terminated, and so the "external free" part is injected as attributes.
  • A string missing the start of a tag would also be considered to have a security aspect - e.g. <th>|||||" class="external free" title="https://||||||" rel="nofollow">https://</th> - because the <a href="xxx part has been cut off. Probably not exploitable - but certainly a worse category of bug than just getting tags in the wrong order.

So to sum up: if tags are just in the wrong order, but are otherwise complete and well-formed, then it is not a security issue; otherwise it is considered to potentially be, and is listed as "Yes" in the above table.