Insecure Processing of Data

This category covers the following issues:

Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS)

Why is this important?

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise trusted websites. XSS attacks allow attackers to target legitimate users of a web application by sending malicious script code to them.

Check out this video for a high-level explanation:

Fixing Cross-Site Scripting

Option A: Perform output encoding

Go through the issues that GuardRails identified in the PR.
Look for patterns like this:

def index(conn, %{"dangerous" => dangerous}) do
  put_resp_content_type(conn, "text/html")
  |> send_resp(200, dangerous)
end

or:

def index(conn, %{"dangerous" => dangerous}) do
  html conn, "<h1>\#{dangerous}</h1>"
end

or:

<%= raw(@dangerous_user_input) %>
# This bypasses the in-built escaping and has to be used with care. Ensure that the
# content is not coming from request parameters, and is a safe hard-coded string.

And use safe alternatives like:

def index(conn, %{"dangerous" => dangerous}) do
  put_resp_content_type(conn, "text/plain")
  |> send_resp(200, dangerous)
end

or use a function URI.decode to encode dangerous characters :

def index(conn, %{"dangerous" => dangerous}) do
  html conn, "<h1>\#{URI.encode(dangerous)}</h1>"
end

Test it
Ship it 🚢 and relax 🌴

More information:

Docs for URI.decode
OWASP Cheat Sheet - XSS

GuardRails

General

Apex

C/C++

Elixir

Go

Java

Javascript/TypeScript

Kubernetes

PHP

Python

Ruby

Rust

Solidity

Terraform