codenote / domsnitch Goto Github PK
View Code? Open in Web Editor NEWAutomatically exported from code.google.com/p/domsnitch
License: Apache License 2.0
Automatically exported from code.google.com/p/domsnitch
License: Apache License 2.0
What steps will reproduce the problem?
1.
2.
3.
What is the expected output? What do you see instead?
What version of the product are you using? On what operating system?
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 24 Jun 2011 at 3:49
I see a balloon telling: "DOM Snitch has crashed. Click this balloon to reload
the extension."
When I reload the extension using the balloon/extension page. it crashes again.
Linux 2.6.38.8-32.fc15.x86_64 #1 SMP Mon Jun 13 19:49:05 UTC 2011 x86_64 x86_64
x86_64 GNU/Linux
Google Chrome 13.0.782.24 beta
domsnitch v0.707
Original issue reported on code.google.com by [email protected]
on 24 Jun 2011 at 8:14
What steps will reproduce the problem?
1. Install the extension
2. Mine was set to Passive mode, don't know if that's required
3. Middle click on a link
What is the expected output? What do you see instead?
I expect that a new tab containing the clicked on link is created and the
current page stays the same. With the extension installed, the new tab is
opened, but the current page navigates to the link target as well. So you end
up with two pages both pointing to the clicked on link.
What version of the product are you using? On what operating system?
Extension: v0.706
Chrome: 12.0.742.100
OS: Windows 7 SP1, 64bit
Original issue reported on code.google.com by [email protected]
on 22 Jun 2011 at 9:54
DOMSnitch is not catching a simple test where location.search.substring(1);
makes it's way to an innerHTML.
Test case is up here http://nottrusted.com/test/dom.html?x=y
Or to get an onmouseover event in:
http://nottrusted.com/test/dom.html?x=aa%3Ca%20href%3d%27a%27%20onmouseover=%27a
lert%281%29%27%3Eref%3C/a%3E
I used DOMinator which caught this and expected DOMSnitch to do the same.
Original issue reported on code.google.com by [email protected]
on 8 Jul 2011 at 9:46
What steps will reproduce the problem?
1. Load URL http://cloudscan.org
2. Script Code from document.location executes via DOM manipulation by
innerHTML property in https://a12.alpha.godaddy.com
3. Can also use DOMinator from OWASP to see same, Acunetix etc..
What is the expected output? What do you see instead?
Expected to fingerprint DOM-XSS in document.location path part at innerHTML and
also vuln are location.ToString and referrer.
What version of the product are you using? On what operating system?
I am using Windows 2008 R2 Server 64bit with Chrome 12.0.742.122 and
the download for DOMSnitch.. great tool!
This is a False Negative report on the assumption that is should be
fingerprinting on innerHTML.. but perhaps I am reading your spec wrong.
Sorry of this is noise...
Original issue reported on code.google.com by [email protected]
on 22 Jul 2011 at 2:44
What steps will reproduce the problem?
1. Disable the DB so it doesn't contribute to the memory consumption (though
it's in the BG page)
2. Visit lots of pages
3. In the chrome task manager, watch memory consumption climb
What is the expected output? What do you see instead?
Flat memory usage.
What version of the product are you using? On what operating system?
Seen on Chrome in Mac and Linux; DS 0.743
Please provide any additional information below.
I was about to try to diagnose myself and saw Google has a JS memory profiler,
so I thought I'd punt over to you as a Googler. :-)
Original issue reported on code.google.com by [email protected]
on 26 Mar 2013 at 4:01
What steps will reproduce the problem?
1. After installing and enabling the domsnitch extension in Chrome, go to
Google Comparison Ads -> Mortgage -> Refinance
2. Enter criteria and receive results.
3. Click Email Lender link to bring up a virtual pop-up with a web form that
prompts for name, email address and a message. When about to enter anything in
the form, the popup disappears and causes the page to refresh also.
What is the expected output? What do you see instead?
The popup should not disappear and not be impacted in any other way until the
user fills in the form and clicks Send.
What version of the product are you using? On what operating system?
Chrome 12.0.742.100 on Windows 7 Professional 64 bit
Please provide any additional information below.
http://www.google.com/support/forum/p/Chrome/thread?tid=223c8e18fa6ea257&hl=en
Original issue reported on code.google.com by [email protected]
on 23 Jun 2011 at 8:03
[deleted issue]
What steps will reproduce the problem?
1. Working in ZenDesk
2. uFile.ca -- site unusable
3. SavvisStation -- ISP control panel
4. facebook (? sometimes expanding comments)
Disable DOM Snitch and the sites behave as expected.
What is the expected output? What do you see instead?
Pages reloading -- partial load of target page and reload of calling page
websites having issues with session
What version of the product are you using? On what operating system?
Latest chrome 25 on OS X mountain lion
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 26 Mar 2013 at 5:55
What steps will reproduce the problem?
1. Open the attached file in a webbrowser.
( Issue only occures only if it the file is called on a webserver. If the file
is called directly everything works fine. )
2. Click on the Link and on the button with domsnicht disabled
3. Click on the Link and on the button with domsnicht enabled
What is the expected output? What do you see instead?
The href entry of the LINK is called. Instead no href should be called
because of "return false" in the javascript onClick block.
What version of the product are you using? On what operating system?
Windows 7 Prof
Chrome Version: 13.0.782.24 beta-m
Dom Snicht Version: 0.706
Apache/2.2.14 (Win32)
Please provide any additional information below.
- Passive Mode
- Module: iframe.src
Original issue reported on code.google.com by [email protected]
on 22 Jun 2011 at 10:06
Attachments:
What steps will reproduce the problem?
1. Enabling domsnitch
2. Reload Webmin page
3. N/A
What is the expected output? What do you see instead?
Sub menus are to open and from subs open page in frame
What version of the product are you using? On what operating system?
Ubuntu 10.04.1 LTS server
Webmin 1.550
Please provide any additional information below.
Servers are being accessed on local networks via ip address
Disabling domsnitch and reloading page restores function of menu's
Original issue reported on code.google.com by [email protected]
on 22 Jun 2011 at 4:29
What steps will reproduce the problem?
1. Enable win.eval hook
2. Execute evel within the context of a function, not a window, and reference
variables that are only valid within the function context
What is the expected output? What do you see instead?
eval command should work
What version of the product are you using? On what operating system?
eval is executed within the context of the window
Please provide any additional information below.
function x() {
var y = 1;
try {
eval("y++");
} catch(e) {}
}
var z = new x();
Not sure if the try/catch block or function creation matters.
Original issue reported on code.google.com by megazzt
on 22 Jun 2011 at 3:07
What steps will reproduce the problem?
1. Visit a web page, such as "http://mydomain.com/showLog.do"
2. Click on a link, which refers to an anchor such as "<a href="#abc">"
What is the expected output? What do you see instead?
> The browser should call the url "http://mydomain.com/showLog.do#abc"
> Instead it redirects to "http://mydomain.com/#abc"
What version of the product are you using? On what operating system?
> DOM Snitch - Version: 0.706
> Google Chrome 12.0.742.100
> OS: Windows 7
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 24 Jun 2011 at 11:24
What steps will reproduce the problem?
1. enable DOM Snitch and set to passive mode
2. access facebook. log-in.
3. click on the notifications of messages button
What is the expected output? What do you see instead?
The notification or messages flyout should load but page just refreshes
What version of the product are you using? On what operating system?
Please provide any additional information below.
This also happens when viewing your saucelabs dashboard.
https://saucelabs.com/account/dashboard.
switching from pass rates to minutes will just refresh the page.
Original issue reported on code.google.com by [email protected]
on 22 Jun 2011 at 5:02
When I click a link with a URL of #, and an onclick javascript call, I get
redirected to the default page
What steps will reproduce the problem?
1. Go to http://www.mysite.com/reports.aspx
2. Click a link with an href of "#" and an onclick event.
What is the expected output? What do you see instead?
I expect my javascript to run and update the page. Instead I end up redirected
to http://www.mysite.com/#
What version of the product are you using? On what operating system?
Windows 7 Professional, Google Chrome 12.0.742.100, domsnitch 0.706.
Other information - Other javascript events (an onchange on a dropdown and a
doubleclick on a span tag) don't cause the same behavior. If I take the
href="#" out of the anchor tag, it just reloads the current page.
Original issue reported on code.google.com by [email protected]
on 22 Jun 2011 at 4:48
> What steps will reproduce the problem?
1. Download chrome Version 23 or higher
2. checkout the SVN version of domsnitch
3. Attempt to load domsnitch from the SVN
( chrome://chrome/extensions/ >> "Load Unpacked Extensions" )
> What is the expected output? What do you see instead?
The expected output is to load the extension, instead you will recieve the
following message:
Could not load extension from '/home/syn/domsnitch-read-only'. The
'manifest_version' key must be present and set to 2 (without quotes). See
developer.chrome.com/extensions/manifestVersion.html for details.
> What version of the product are you using? On what operating system?
SVN, Linux, Chrome Version 23.0.1271.91
> Please provide any additional information below.
Merely adding "manifest_version": 2 does not work to resolve the issue.
Original issue reported on code.google.com by [email protected]
on 28 Nov 2012 at 6:18
What steps will reproduce the problem?
1. Make a page that sets document.cookie on the top level during page load
script parsing and execution.
2. Turn on all DOMSnitch modules
3. Reload page
What is the expected output? What do you see instead?
An error occurs in line 66 of an unknown JS file. Code is as follows:
DOMSnitch.Modules.Document.prototype.generateGlobalId = function(type) {
// Generate unique, yet reproducible global ID
var caller = arguments.callee.caller.caller.toString(); // line 66
var token = caller.length > 50 ? caller.substring(0, 50) : caller;
var baseUrl = document.location.origin + document.location.pathname + "#";
var gid = baseUrl + type + "/" + token.replace(/\s/gg, "") + "-" + caller.length;
return gid;
}
arguments.callee.caller ends up referencing the top level function, so
arguments.callee.caller.caller is null. I suspect code needs to be added to
account for this edge case and generate a unique ID ("null" would probably be
sufficient).
What version of the product are you using? On what operating system?
I downloaded the latest CRX download. Version 0.706
Please provide any additional information below.
Google Chrome 14.0.798.0 (Official Build 89770) canary
OS Windows
WebKit 535.1 (trunk@89232)
JavaScript V8 3.4.4
Flash 10,3,181,26
User Agent Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.1 (KHTML, like Gecko)
Chrome/14.0.798.0 Safari/535.1
Command Line "C:\Documents and Settings\dbugglin\Local Settings\Application
Data\Google\Chrome SxS\Application\chrome.exe" --allow-file-access-from-files
--disable-flash-sandbox --enable-timeline-extension-api
--remote-debugging-port=1337 --flag-switches-begin --enable-click-to-play
--enable-compact-navigation --conflicting-modules-check
--enable-crxless-web-apps --no-pings --disable-interactive-form-validation
--enable-nacl --experimental-location-features
--enable-experimental-extension-apis --focus-existing-tab-on-open
--ignore-gpu-blacklist --indexeddb-use-leveldb --multi-profiles
--new-tab-page-4 --enable-p2papi --ppapi-flash-in-process
--preload-instant-search --enable-remoting --enable-tab-groups-context-menu
--enable-vertical-tabs --enable-webaudio --flag-switches-end
Executable Path C:\Documents and Settings\dbugglin\Local Settings\Application
Data\Google\Chrome SxS\Application\chrome.exe
Profile Path C:\Documents and Settings\dbugglin\Local Settings\Application
Data\Google\Chrome SxS\User Data\Default
Original issue reported on code.google.com by megazzt
on 22 Jun 2011 at 2:50
What steps will reproduce the problem?
1. Enable DOM Snitch
2. Open google.com
3. Look at DOM Snitch output. It found Untrusted code vulnerability (see
http://i.stack.imgur.com/oriy5.png)
What is the expected output? What do you see instead?
Expected: There is no Untrusted code vulnerability
Actual: When opening google.com, DOM Snitch sends many requests (see
http://i.imgur.com/V8UF2.png). Maybe, then it calls it Untrusted code
What version of the product are you using? On what operating system?
DOM Snitch v0.740, Windows 7 64 bit
Additional information:
Previously I asked this question at
http://security.stackexchange.com/q/11696/5501
Original issue reported on code.google.com by [email protected]
on 18 Feb 2012 at 6:58
What steps will reproduce the problem?
1. Run app via chrome with domsnitch enabled
2. Running in debug mode (Visual Studio) helps to see the issue.
What is the expected output? What do you see instead?
Page_Load in app's codebehind file should only be called once.
What version of the product are you using? On what operating system?
v0.740, Windows 7
Please provide any additional information below.
It seems to be due to the href'less anchors in the "Dom snitch is currently
running" message. After Domsnitch is disabled or the notification is dismissed
permanently this behavior no longer occurs.
Original issue reported on code.google.com by [email protected]
on 27 Nov 2012 at 10:16
What steps will reproduce the problem?
1. Open a Spreadsheet or Drawing from your Google Docs list (Documents appear
not to be affected)
2. Wait for the page load indicator to stop spinning
3. Keep waiting...
What is the expected output? What do you see instead?
The page load indicator should clear, demonstrating that page load was
completed.
What version of the product are you using? On what operating system?
DOMSnitch 0.706, Google Chrome 12.0.742.100, Windows 7 SP1
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 22 Jun 2011 at 9:13
What steps will reproduce the problem?
1. Install or Enable DOM Snitch
2. Any mode works (Passive, Invasive, Standby)
3. Click, Ctrl+Click, Middle Mouse Click a link
What is the expected output? What do you see instead?
Modifier + Click :
Expect that the link will open solely in new tab/window.
Instead current window navigates to the link as well.
Click with href="" and onclick="return false" handling :
Expect that anchor does nothing.
Instead current window reloads page.
What version of the product are you using? On what operating system?
DOM Snitch 0.706
Chrome 13.0.782.32 beta-m
Windows 7 x64
Please provide any additional information below.
The onclick handler mentioned above is actually a function that displays a
popup menu and then returns false, e.g. onclick="return popup()"
Original issue reported on code.google.com by [email protected]
on 23 Jun 2011 at 8:23
What steps will reproduce the problem?
1.
2.
3.
What is the expected output? What do you see instead?
What version of the product are you using? On what operating system?
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 28 Jan 2014 at 2:18
Attachments:
There should be a filter that restricts the input method. For instance I am
getting a lot of reports of dom based xss via cookie value, and I don't care
because this isn't exploitable. Some people might care, so there should be a
configuration option. I have noticed that referer is also very common, and it
might be nice to filter for that as well.
Original issue reported on code.google.com by [email protected]
on 3 Sep 2011 at 1:27
When using the Command-Click shortcut in Chrome on OSX while DOM-Snitch is
enabled, the shortcut key opens the link in the current tab and opens a
background tab with the link URL. The shortcut should not open the link in the
current tab, only in the new background tab.
Original issue reported on code.google.com by [email protected]
on 21 Jun 2011 at 10:14
What steps will reproduce the problem?
1.
2.
3.
What is the expected output? What do you see instead?
What version of the product are you using? On what operating system?
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 18 Mar 2013 at 1:33
What steps will reproduce the problem?
1. Tried to make reservations at Marriott.com, caused endless loop of inputting
info without getting results
2. Slowing download of various sites
3.
What is the expected output? What do you see instead?
What version of the product are you using? On what operating system?
Chrome,version 12.0.742.100
Vista,is my operating system
Please provide any additional information below.
Having problems with Snitch stopping & slowing downloads?
Original issue reported on code.google.com by [email protected]
on 23 Jun 2011 at 5:55
[deleted issue]
What steps will reproduce the problem?
1. Download | Install latest version, .717
2. Load URL http://cloudscan.org
What is the expected output? What do you see instead?
I run DOMSnitch against the URL http://cloudscan.org and see the output that
says an untrusted source.... when I export to TXT | Doc.. the output it empty.
What version of the product are you using? On what operating system?
UA = 13.0.782.218 m, OS = Windows 2008 R2 Server 64 Bit, untested on other OS
platforms.
Please provide any additional information below.
Global.URL for baseline transaction = http://cloudscan.org and results are
posted in Issue #21, DOMSnitch still not fingerprinting the issues with no
output for an exported record to TXT | Doc.
Original issue reported on code.google.com by [email protected]
on 1 Sep 2011 at 11:45
What steps will reproduce the problem?
1. Visit a site that uses something similar to "return false;" on click events
in jQuery
2. Click a link that has Javascript rewrite the link and block the default link
from occurring
Two examples:
Facebook.com - If you click the icon in the top left that shows your
notifications while DOM Snitch is enabled, the drop down will appear, and then
the page will take you to the notifications page. This is not normal - disable
DOM Snitch and clicking the icon will only show the drop down, not take you
anywhere.
Expensify.com - On the home page when not logged in, there is an arrow pointing
to the right that allows the headline product features to scroll right. With
DOM Snitch enabled, clicking will start the animation and then the page will
reload. With DOM Snitch disabled, clicking will start the animation and then
nothing further will happen.
What version of the product are you using? On what operating system?
On Chrome 12.0.742.100 on Mac OSX 10.6.7, using DOM Snitch version 0.706.
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 23 Jun 2011 at 9:49
What steps will reproduce the problem?
1. Enable domsnitch
2. Load Hacker News
3. Upvote
What is the expected output? What do you see instead?
I expect to upvote with the JavaScript link. Instead, Chrome takes me to a
http://news.ycombinator.comvote/?2495... URL.
What version of the product are you using? On what operating system?
Chrome on Linux 12.0.742.100
Please provide any additional information below.
I installed domsnitch as I saw it released, and assumed since it is described
as 'passive' that I could leave it installed & enabled (as I do with the Web
Developer and other dev plugins). However, I have noticed random errors and
slower page load times. I would just recommend mentioning in the docs that
it's not an extension to leave enabled for normal browsing.
Otherwise -- Thanks for another great product, I'm sure I'll be using it often!
Original issue reported on code.google.com by [email protected]
on 23 Jun 2011 at 1:02
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.