Browser Behavior: Handling Carriage Return in "window.open('\r\n\r\n');" JavaScript Calls

The carriage return and null characters are potential elements for testing the behavior of various programs. This works effectively with different browsers too. The resulting output is quite stringent compared with the normal behavior that browsers must show. The Carriage Return (CR) encompasses the Line Feed and New Line characters as a basic part. As per the standard fact:
"carriage return character, alone or with a line feed, to signal the end of a line of text, but other characters are also used for this function (see newline); others use it only for a paragraph break (a hard return)"
Based on this fact, a number of tests have been conducted on different browsers. These characters are passed as an argument to the javascript:window.open() function to observe the behavior of the new window. They can be used as one of the fuzzed inputs for testing browser dependencies. Based on this artifact, a Google Chrome advisory was released. The links are listed below:
http://www.securityfocus.com/bid/31375
http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=23189
http://osvdb.org/show/osvdb/48680
http://www.secniche.org/gcrds.html
That was the vulnerability noticed in Google Chrome, and it was patched by the vendor. The behaviors noticed consistently across different browsers are:
1. Mozilla Firefox opens a bundle of windows in a single stretch.
2. Google Chrome opens a number of windows too.
Note: We are not considering loops here, only the carriage return character. Some stability has been added because the presence of pop-up blockers stops the execution of these child windows.
We have noticed these differential responses from a number of browsers. I think the CR is a good element to be used for fuzzing. The browsers' behavior is hard to control considering the issue presented above.
Regards
Posted on 3/31/2009 09:51:00 PM by 0kn0ck
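The test described in the post, written as a small regression harness that a browser tester could run to record how each control-character argument to window.open() is handled. This is an added example, not code from the original post; the names CONTROL_CASES, runCase, runAll and summarize are hypothetical, and every input other than the '\r\n\r\n' argument from the title is constructed.

```javascript
// Constructed inputs: the post's '\r\n\r\n' plus related CR / LF / NUL variants.
const CONTROL_CASES = [
  { name: 'CR', arg: '\r' },
  { name: 'LF', arg: '\n' },
  { name: 'CRLF', arg: '\r\n' },
  { name: 'CRLFx2', arg: '\r\n\r\n' }, // the argument from the post title
  { name: 'NUL', arg: '\0' },
];

// Calls opener(arg) exactly once (no loops, as in the post) and classifies the result.
function runCase(opener, testCase) {
  const shown = JSON.stringify(testCase.arg); // printable form for the report
  try {
    const handle = opener(testCase.arg);
    if (handle === null || handle === undefined) {
      // window.open() returns null when a pop-up blocker stops the child window.
      return { name: testCase.name, arg: shown, outcome: 'blocked' };
    }
    // Close the child immediately so the run leaves no windows behind.
    if (typeof handle.close === 'function') handle.close();
    return { name: testCase.name, arg: shown, outcome: 'opened' };
  } catch (err) {
    return { name: testCase.name, arg: shown, outcome: 'threw', error: String(err) };
  }
}

function runAll(opener, cases = CONTROL_CASES) {
  return cases.map((c) => runCase(opener, c));
}

// Tallies outcomes so results from different browsers can be compared.
function summarize(results) {
  const counts = { opened: 0, blocked: 0, threw: 0 };
  for (const r of results) counts[r.outcome] += 1;
  return counts;
}

// In a browser, run against the real API; elsewhere pass a stub opener to runAll().
if (typeof window !== 'undefined' && typeof window.open === 'function') {
  const results = runAll((u) => window.open(u));
  console.table(results);
  console.log(summarize(results));
}
```

The number of child windows a single call produces is not visible from the return value, so that part of the comparison still has to be observed in the browser itself.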




