I have a web application which uses Ajax for several tasks. It has Java as its middleware (Struts 1.x).
The issue is that my application was analyzed for potential security risks using static code analysis. It was found in the analysis that use of the following code is considered vulnerable.
e.g.
    // Method invoked by Ajax (standard Struts 1.x Action.execute signature)
    public ActionForward execute(ActionMapping mapping, ActionForm form,
            HttpServletRequest request, HttpServletResponse response)
            throws Exception
    {
        // Write the response body directly instead of forwarding to a JSP
        PrintWriter out = response.getWriter();
        out.println("Ajax Response");
        return null; // no forward: the Ajax caller reads what was printed
    }
The report clearly mentions that the use of PrintWriter is harmful and prone to XSS (Cross Site Scripting).
I tried searching online if this is a potential threat, but could not find anything useful.
Kindly advise if this is an issue and what are my alternatives.
EDIT – The problem was found with the out.println statement.
Thanks,
Siddharth
You can find a lot of information online about XSS, but very few really go into detail about how to test for it and avoid it. It's one of those things that would require some research. Let me give you an example; the code you provide may or may not be the cause of the issue.
Let's say your HTML page does an Ajax call to the backend and you return the result. I am just giving you a jQuery example after the success:
    $.each(data, function(){
        // each element of the response is inserted as HTML, not as text
        $('div.result').append(this);
    });
You will notice that data was just appended without validation. What if data came from a script kiddie and entered
Since you are not validating your input, the user can just enter anything and the above code will steal the cookie of whoever clicks the link.
hope this helps
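The rendering loop in the answer above, as an added example that is not part of the question or the answer: the same "append each item of the Ajax response" logic is written against a plain HTML string builder so it runs in Node without a browser or jQuery. `renderUnsafe` mirrors `$('div.result').append(this)` (the response is parsed as markup), `renderSafe` mirrors `$('<p>').text(this)` (the response is inserted as text), and the sample response, including the item containing markup, is constructed here for the demonstration. The function names and the `probe()` marker are assumptions, not anything from the original page.

```javascript
// Added example, not code from the question or the answer.

// Encode the five characters that let data break out of an HTML text or
// attribute context. This is standard HTML entity encoding; it is the
// output-side fix that the static analysis finding is really about.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Unsafe: behaves like $('div.result').append(this) when `this` is a
// string. Whatever the server printed is parsed as HTML, so any markup
// a user managed to get into the data is rendered and executed.
function renderUnsafe(data) {
  return data.map((item) => `<p>${item}</p>`).join('');
}

// Safe: behaves like $('<p>').text(this). The same data is inserted as
// text, so markup in it is displayed literally rather than executed.
function renderSafe(data) {
  return data.map((item) => `<p>${escapeHtml(item)}</p>`).join('');
}

// Check used to compare the two renderings: does the fragment contain a
// script element that the template itself never emitted?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed Ajax response: one ordinary comment and one comment that a
// user typed with markup in it (the marker function name is hypothetical).
const sampleData = [
  'Looks good to me',
  '<script>probe()</script>',
];

console.log('unsafe:', renderUnsafe(sampleData)); // script tag survives
console.log('safe:  ', renderSafe(sampleData));   // script tag is shown as text
```

Whether the data is produced by `PrintWriter.println` or anything else on the server is beside the point; what the tool is flagging is that the printed bytes end up in an HTML context without encoding, and the place to fix that is where the data meets the page (encode it, or use a text-only insertion such as `.text()`), on every field the response carries.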