1. Field of the Invention
This invention relates to methods and apparatus for preventing unwanted code execution in a computing environment executing a scripting language and associated environment, and in particular, to methods and apparatus for preventing cross site scripting (XSS) attacks.
2. Related Art
Cross site scripting (XSS) can be summed up as an attacker (also known as a hacker) “injecting” a script into a website (or any other viable vector, such as an instant messaging client, and the like) that causes a particular webpage or client software to send information outside of the intended host website, or that causes the website/client software to perform some other action that is desirable to the attacker, such as propagating spam messages, harvesting personal information for further attacks/fraud, or simply proving a point.
There are three typical forms of XSS attack, summarised as follows:
Reflected (or non-persistent) XSS, whereby a website inadvertently allows mark-up, or obfuscated mark-up, submitted in a URL request string to be incorporated into the webpage. An attacker places a link containing the script in a second website or an email and coaxes a user into clicking it. The requested webpage “reflects” the injected script, resulting in execution of the script and the possible disclosure of the details of the user who clicked the link.
Persistent XSS, whereby a website inadvertently allows mark-up to be saved to the server, or whereby a hacker is able to install mark-up or script on one or more pages through SQL injection or direct hacking of a server. The affected website subsequently incorporates the mark-up or script each time the affected webpages are loaded, so the code contained in the mark-up executes for each user that accesses the affected pages.
Self-XSS, whereby a user is coaxed through careful social engineering to inject script directly into the browser address bar or command prompt.
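The reflected and persistent forms above share one root cause: untrusted text is copied into HTML output without encoding. The following is an added example, not part of the patent text, using hypothetical page-rendering functions and an in-memory comment store standing in for a database. It shows the unsafe rendering beside its hardened form and a simple check a test suite can run to detect mark-up in the output that the page's own template did not put there.

```javascript
// Added example (not from the patent text). All handler names are
// hypothetical; the "server" is a set of plain functions so this runs offline.

// Contextual HTML encoding for untrusted text placed in an HTML text node or a
// double-quoted attribute value. Encoding at the output boundary is what
// prevents the browser from interpreting the text as mark-up.
function escapeHtml(untrusted) {
  return String(untrusted)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#x27;");
}

// Reflected XSS: a query-string parameter is copied straight into the response,
// so whatever a crafted link carries is "reflected" back to the user who clicked it.
function renderSearchUnsafe(query) {
  return `<h1>Results for ${query}</h1>`;
}

// Hardened form: the same template, with the parameter encoded on output.
function renderSearchSafe(query) {
  return `<h1>Results for ${escapeHtml(query)}</h1>`;
}

// Persistent XSS: a constructed in-memory comment store stands in for a database.
// Comments are saved verbatim; storing raw text is not the defect by itself...
const commentStore = [];
function saveComment(author, body) {
  commentStore.push({ author, body });
}

// ...the defect is rendering the stored text without encoding, so every visitor
// who loads the page executes whatever the comment contains.
function renderCommentsUnsafe() {
  return commentStore.map(c => `<li>${c.author}: ${c.body}</li>`).join("");
}

function renderCommentsSafe() {
  return commentStore
    .map(c => `<li>${escapeHtml(c.author)}: ${escapeHtml(c.body)}</li>`)
    .join("");
}

// Detection-side check for a test suite or template review: does the rendered
// HTML contain any element that is not part of the page's own template?
// (A regex is adequate for this constructed case; a real check would parse.)
function containsForeignTag(html, allowedTags) {
  const tags = html.match(/<\/?([a-zA-Z][a-zA-Z0-9]*)/g) || [];
  return tags.some(t => !allowedTags.includes(t.replace(/^<\/?/, "").toLowerCase()));
}

// Constructed sample input: mark-up that a genuine search term or comment would
// never contain. The script body is an inert comment; only its presence matters.
const constructedInput = "<script>/* injected */</script>";
```

Run against `constructedInput`, `renderSearchUnsafe` and `renderCommentsUnsafe` both yield HTML containing a `script` element that the templates never declared, while the encoded variants render the same text harmlessly as `&lt;script&gt;`.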
Cross site scripting attacks are a particular thorn in the side of Web 2.0 sites, i.e. those websites that allow users to contribute content to the website and/or allow complex messaging between users (including recommendations, etc.), for example social networking sites, and the like.
Social networking sites are particularly vulnerable because they have a very large user base, so even attacks expected to yield a low percentage of “hits” (i.e. a response from a target user that is desirable to the hacker) will still have a large number of victims. These sites also hold a very high information value, as they often contain a large amount of personal information on a target user that is useful to a third-party hacker when crafting a suitable attack.
Other reasons why social networking sites are particularly vulnerable include: the user base is highly susceptible to social engineering/social grooming attacks (i.e. leading users to do something unsafe which they have been led to believe is completely safe); a social network's user base covers the most diverse range of technical understanding of how the internet works and the dangers that lurk beneath, so most users are quite unaware of the implications of what they are about to do and implicitly trust what their friends appear to have found safe; social networks are designed to propagate information posted by their users rapidly to other users in the social graph through news posts, messages, etc., and XSS attacks can hook onto this and affect a large number of users very rapidly; and the ratio of users to support/monitoring staff of a social network is very high, so it is easy for an attack to go unnoticed by the operator for a long time before they are able to start trying to stop it.
Accordingly, it would be desirable to provide a computer implemented security system to ameliorate the effect of the above problems.