LiteSpeed Technologies
Download Download     Blog Blog     Wiki Wiki     Forum Forum     Store     Contact Contact    

Go Back   LiteSpeed Support Forums > LiteSpeed Web Server > Install/Configuration > Enabling XSS attack on Drupal results in 403

Reply
 
Thread Tools Display Modes
  #1  
Old 06-27-2011, 07:37 PM
csdco csdco is offline
Member
  
Join Date: Jun 2011
Posts: 14
Default Enabling XSS attack on Drupal results in 403
The XSS attack Request Filter seems to think any AHAH Framework JavaScript callback is an XSS attack. I had to disable this filter completely to allow forms with file uploads on them to submit without getting a 403.

Is this a big concern? Drupal has a lot of built in XSS filtering to handle form submission and the like, but I'm curious if there is anything in the raw JS from user-to-server that I should be thinking about.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -7. The time now is 11:11 AM.



- Archive - Top
© Copyright 2003-2011 LiteSpeed Technologies, Inc. All rights reserved. Privacy Policy.