Andrew's Security Filter(s) v5.62 (May 10, 2009)

[z12]

Kye-U Wrote:EDIT: Found a 484-byte long <script> tag here; increased the byte-limit in my test filter from 256 to 512

Yeah, 256 is too small.

Oddysey Wrote:Don't forget that in some cases, the "<script...." you see in a page's source code didn't necessarily arrive in that form
...snip...
<document.write "<scr" + "ipt>"...... etc.>

In order for the code example you cited to work, the outer html script tag must work.
If you disable the html script tags, nothing in the script will work.

Oddysey Wrote:Mike, is this what you meant by the tag sometimes being encoded?

I was thinking of the String.fromCharCode() and String.charCodeAt() javascript methods.
Although trying to text match variations of your example can also be a real pain.

z12