Go4Expert

Go4Expert (http://www.go4expert.com/)
-   JavaScript and AJAX (http://www.go4expert.com/forums/javascript/)
-   -   XSS Prevention Script Upgrade (http://www.go4expert.com/forums/xss-prevention-script-upgrade-t19559/)

akshits 26Sep2009 09:28

XSS Prevention Script Upgrade
 
Hello,

I made a script to prevent XSS attacks in my website. This will be run in the IFrame automatically. The JScript Code is:-

Code:


// Secure page for XSS attacks
// IFrame XSS Prevention
// This will be injected into the page of the IFrame, and this function shall run in a timer!

(function() {

// Delete all known functions to use

var AJAX = function() { }; // Delete any known function for AJAX
var Ajax = function() { }; // Delete any known function for AJAX
var XMLHttpRequest = function() { }; // Delete any known function for AJAX
var alert = function() { return(false); }; // Delete any known function to bug user

// Delete all known prototypes

window.prototype.open = function() { }; // Delete any known function for opening obstructive windows
window.prototype.parent = null; // Delete any known function for to connect to the parent
document.prototype.createElement = function() { }; // Delete any known function for creating any elements
document.prototype.getElementById = function(x) { return(false); }; // Delete any known function for connecting to any element
window.prototype.frames = null; // Delete any known function for connection to any frames
document.prototype.location = function() { }; // Delete any known function for location changing
window.prototype.location = function() { }; // Delete any known function for location changing

// Set news functions

function $() { };

}){};

I doubt this code will run! Specially the window.prototype.*** and the document.prototype.***. Please help me make the script a success!

Thanks,
Akshit Soota


All times are GMT +5.5. The time now is 06:02.