Pass IMG SRC via GET and echo it? Is that really secure?
I was wondering how I can make a really simple GET and echo request more secure.
The code:
$src = $_GET['src'];
echo "<img src='$src' />";
Basically, I have a URL like example.com/link.php?src=imgname.jpg
Theoretically, I think it's possible to exploit it by inserting external URLs and trying to get them parsed on the site. Would you recommend doing a preg_match to only allow images and remove URLs?
More posts by @Cofer257
1 Comments
You have implemented a Cross Site Scripting (XSS) vulnerability. This type of injection vulnerability can be used by an attacker to steal the credentials of your users, or make users perform actions on your site or against other sites without their knowledge. For more information about XSS see Wikipedia: en.wikipedia.org/wiki/Cross-site_scripting
Your vulnerability could be exploited by somebody using a src parameter that closes the img tag and then inserts JavaScript into the page. Something like:
'/><script>alert('hello world')</script>
So YES, you should validate your input. Match it against a regular expression using preg_match such as
^[a-zA-Z0-9_-]+\.(jpg|gif)$
You should also escape strings that are output to HTML using the htmlspecialchars function in PHP.
$src = htmlspecialchars($src, ENT_QUOTES);
echo "<img src='$src' />";
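The two measures from the answer (allow-list validation with preg_match, then escaping with htmlspecialchars) combined in one function, as an added example that is not part of the original answer. The function name render_img and the sample inputs are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: returns the <img> tag for an allowed file name,
// or null when the value must be rejected.
function render_img($src): ?string
{
    // A request like ?src[]=x turns $_GET['src'] into an array; accept strings only.
    if (!is_string($src)) {
        return null;
    }
    // Allow-list: bare file name, a literal dot, a known extension.
    // The dot is escaped; an unescaped "." matches any character, so a value
    // such as a'jpg would pass. \A and \z anchor the whole string; unlike $,
    // \z does not match before a trailing newline.
    if (preg_match('/\A[a-zA-Z0-9_-]+\.(jpg|gif)\z/', $src) !== 1) {
        return null;
    }
    // Escape anyway, so the output stays safe if the pattern is loosened later.
    $safe = htmlspecialchars($src, ENT_QUOTES, 'UTF-8');
    return "<img src='$safe' />";
}

// Constructed sample inputs, standing in for $_GET['src'].
$samples = [
    'imgname.jpg',                               // expected form
    "'/><script>alert('hello world')</script>",  // the string from the answer
    'http://example.org/x.jpg',                  // external URL
    "a'jpg",                                     // passes only if the dot is unescaped
    "imgname.jpg\n",                             // passes only if $ is used instead of \z
    ['imgname.jpg'],                             // array instead of string
];

foreach ($samples as $sample) {
    $tag = render_img($sample);
    echo json_encode($sample), ' => ', $tag ?? 'rejected', PHP_EOL;
}
```

Only the first sample produces a tag; every other input is rejected before anything is echoed.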