[Dojo-interest] Interesting paper on HTML5 injection attacks
rob at mosais.com
Mon Jun 30 21:38:59 EDT 2014
Interesting study on attacks and vulnerabilities of HTML5 mobile apps:
In our Cordova based app, we have the ability of scanning barcodes using a third party plugin. On return from the plugin we put the value into the destination mobile textbox widget via .set('value', barcodereturnvalue). We've had a bit of a dig through the source but was wondering if anyone could comment on whether code embedded in the 2d barcode could ever be executed with the attribute setting approach (rather than just adding it to the DOM).
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dojo-interest