I've been reading about all types of security vulnerabilities common in online applications, and realized that my application had some rather large XSS holes. I found that using the Sanitize function 'cleanArray' did a nice job in removing all? of the vulnerabilities, but I am curious whether it is safe to rely on cleanArray 100%.
I looked at what cleanArray actually did, and noticed it called the Sanitize->html function. Looking at the contents of the html function, it seems like Sanitize uses a simple 'find and replace' routine -- it looks for certain characters, like '<' and '>', then escapes them appropriately. HOWEVER, one of the hallmarks of XSS attacks is getting around simple filtering routines by using other character sets -- so for instance, if I were able to somehow find a character that did not look like a '<' but was interpreted as such, I don't know if cleanArray would catch it.
The html function: http://api.cakephp.org/sanitize_8php-source.html#l00081
I'm hoping that someone more familiar with XSS attacks, and Cake in general, might be able to give me some insight into whether or not we can rely on cleanArray to Sanitize data that could potentially lead to XSS attacks. Would it make more sense to use something like the PHP function 'htmlentities', which allows you to specify a charset as an argument? Is it possible that Cake takes care of this problem behind the scenes?
Thanks for any and all comments!
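The charset concern raised in the post, as an added example that is not part of the original message and is not CakePHP's Sanitize code: escaping is only reliable when the input bytes, the escaper and the browser all agree on one encoding. The helper names `escapeForHtml` and `escapeArrayForHtml` are hypothetical, the sample input is constructed, and the code assumes the page is served as UTF-8 and that PHP's mbstring extension is loaded.

```php
<?php
// Added example: hypothetical helpers, not CakePHP's Sanitize implementation.

/** Escape one value for an HTML text or quoted-attribute context (UTF-8 page assumed). */
function escapeForHtml(string $value): string
{
    // Reject bytes that are not valid UTF-8 instead of guessing their meaning:
    // malformed sequences are where a filter and a browser decoder can disagree.
    if (!mb_check_encoding($value, 'UTF-8')) {
        throw new InvalidArgumentException('input is not valid UTF-8');
    }
    // ENT_QUOTES escapes both quote styles; the charset is stated explicitly
    // rather than left to the PHP version's default.
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

/** Recursively escape every string in an array, in the spirit of cleanArray. */
function escapeArrayForHtml(array $data): array
{
    $out = [];
    foreach ($data as $key => $value) {
        if (is_array($value)) {
            $out[$key] = escapeArrayForHtml($value);
        } else {
            $out[$key] = is_string($value) ? escapeForHtml($value) : $value;
        }
    }
    return $out;
}

// Declare the charset so the browser decodes the bytes the way the escaper did.
if (!headers_sent()) {
    header('Content-Type: text/html; charset=UTF-8');
}

// Constructed sample input.
$samples = [
    'plain'   => 'Tom & "Jerry" <b>',
    'nested'  => ['comment' => "it's <i>fine</i>"],
    'invalid' => "caf\xE9 <b>", // lone ISO-8859-1 byte, not valid UTF-8
];

foreach ($samples as $name => $value) {
    try {
        $escaped = is_array($value) ? escapeArrayForHtml($value) : escapeForHtml($value);
        echo $name, ': ', json_encode($escaped), "\n";
    } catch (InvalidArgumentException $e) {
        echo $name, ': rejected (', $e->getMessage(), ")\n";
    }
}
```

This covers HTML text and quoted attribute values only; values placed into URLs, inline JavaScript or CSS need escaping specific to those contexts.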
