Dan Collis-Puro
Member
Posted 2 years ago #
One can write CSS expressions that invoke javascript and are interpreted in IE. This could potentially allow an attacker to do all sorts of nasty things through CSS-injected javascript.
Does this plugin deal with css expressions?
A quick overview:
http://mark-story.com/posts/view/css-expressions-in-ie-and-scoping
We're considering using it on blogs.law.harvard.edu, but I wanted to know if you'd looked into this issue. I didn't see anything specific in the simpler_css_filter() function, and in my testing CSS expressions got through unscathed.
--DJCP
http://wordpress.org/extend/plugins/simpler-css/
Frederick D.
Member
Posted 2 years ago #
Hi,
While it seems possible to do damaging things with CSS expressions, there's nothing in the plugin currently to deal with this.
There's the WordPress.com-released Safe CSS plugin (http://wordpress.org/extend/plugins/safecss/) which uses its regular expressions combined with CSS Tidy to clean up and optimize CSS code. I'd recommend using that if you're serious about duplicating the functionality they have on WordPress.com.
It's a little difficult to deal with CSS expressions in regular expressions, but it looks like they've managed to find a way to clean expressions by leveraging CSS Tidy.
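As an added illustration of the kind of check the thread says simpler_css_filter() lacks (example code written here, not code from Simpler CSS or Safe CSS): a stand-alone Python reference filter that normalises each declaration value (comments, CSS escapes, whitespace, case) before testing for `expression(`, so the check is not defeated by the spellings a literal substring search would miss. The stylesheets in `SAMPLES` are constructed inputs.

```python
import re

# Constructed inputs (not from the thread): one benign stylesheet and three
# that carry an IE expression() value written so a plain search for the
# literal string "expression(" would miss it.
SAMPLES = {
    "benign": "a { color: red; width: expr-width }",
    "plain": "div { width: expression(alert(1)) }",
    "comment": "div { width: exp/* */ression(alert(1)) }",
    "escaped": "div { width: \\65 xpression (alert(1)) }",
}

_COMMENT = re.compile(r"/\*.*?\*/", re.S)
_HEX_ESCAPE = re.compile(r"\\([0-9a-fA-F]{1,6})[ \t\r\n\f]?")
_CHAR_ESCAPE = re.compile(r"\\(.)", re.S)
_WS_CTRL = re.compile(r"[\s\x00-\x1f]+")
_BLOCK = re.compile(r"\{([^{}]*)\}")


def normalize_value(value: str) -> str:
    """Canonicalise a declaration value before matching: strip comments,
    decode CSS escapes, drop whitespace and control characters, lower-case."""
    value = _COMMENT.sub("", value)
    value = _HEX_ESCAPE.sub(lambda m: chr(int(m.group(1), 16)), value)
    value = _CHAR_ESCAPE.sub(r"\1", value)
    value = _WS_CTRL.sub("", value)
    return value.lower()


def is_expression(value: str) -> bool:
    """True if the value invokes IE's expression() in any spelling."""
    return "expression(" in normalize_value(value)


def filter_css(css: str) -> str:
    """Drop every declaration whose value carries expression().
    Comments are removed first so they cannot hide a brace or ';' from the
    splitter. Handles flat rule sets only (no nested @media blocks, and a
    ';' inside a quoted string would split the declaration early)."""
    css = _COMMENT.sub("", css)

    def clean_block(m):
        kept = []
        for decl in m.group(1).split(";"):
            if ":" not in decl:
                continue  # empty slot after a trailing ';'
            _, value = decl.split(":", 1)
            if not is_expression(value):
                kept.append(decl.strip())
        return "{ %s }" % "; ".join(kept) if kept else "{ }"

    return _BLOCK.sub(clean_block, css)
```

A production filter would sit on a real CSS parser such as CSSTidy, as Safe CSS does; this block only shows why normalisation has to happen before the match.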