Eliminating DOM-based XSS

Or: How taint tracking in Chromium works

Tobias Mueller


The problem of Cross-site scripting (XSS) has been known for over a decade. It remains one of the biggest security problems of the current Web. A subproblem of XSS is DOM-based XSS, which is caused solely by vulnerable code sent to and executed by a client. Contemporary client-side protection mechanisms against XSS attacks try to approximate data flows occurring on the server by comparing strings. That approach, however, is not capable of satisfyingly protecting against DOM-based XSS attacks, as the data flow occurs on the client side.
This talk presents a client-side protection mechanism against DOM-based XSS and evaluates its efficacy and efficiency.
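As an added illustration (not code from the talk or from Chromium), the toy model below shows the idea of client-side string tainting: a value read from `location.hash` keeps its source label through concatenation and slicing, and a sink policy flags it when it reaches an HTML-interpreting sink such as `innerHTML`. It also shows why a string-comparison filter cannot catch this flow: the URL fragment never appears in the HTTP request. The `TaintedString` class, the sink names and the sample fragment are assumptions constructed for this example.

```javascript
// Toy model of string taint tracking (constructed example, not Chromium's implementation).
// A TaintedString remembers which untrusted source its characters came from;
// string operations propagate the label, and DOM sinks consult it.
class TaintedString {
  constructor(value, sources = new Set()) {
    this.value = value;
    this.sources = sources;            // e.g. {"location.hash"}; empty set = trusted
  }
  static trusted(value) { return new TaintedString(value); }
  static fromSource(value, source) { return new TaintedString(value, new Set([source])); }
  concat(other) {
    const o = other instanceof TaintedString ? other : TaintedString.trusted(String(other));
    return new TaintedString(this.value + o.value, new Set([...this.sources, ...o.sources]));
  }
  slice(start, end) { return new TaintedString(this.value.slice(start, end), new Set(this.sources)); }
  isTainted() { return this.sources.size > 0; }
}

// Sinks that interpret their input as HTML or code; tainted data must not reach them.
const HTML_SINKS = new Set(["innerHTML", "outerHTML", "document.write", "eval"]);

// Sink policy: block tainted data at HTML/code sinks, allow it elsewhere (e.g. textContent).
function checkSink(sinkName, str) {
  const tainted = str instanceof TaintedString && str.isTainted();
  if (tainted && HTML_SINKS.has(sinkName)) {
    return { allowed: false, sink: sinkName, sources: [...str.sources] };
  }
  return { allowed: true, sink: sinkName, sources: tainted ? [...str.sources] : [] };
}

// The classic DOM-based XSS pattern: fragment text is spliced into markup and written via innerHTML.
function vulnerableFlow(fragment) {
  const hash = TaintedString.fromSource(fragment, "location.hash");
  const html = TaintedString.trusted("<h1>Welcome, ").concat(hash.slice(1)).concat("</h1>");
  return checkSink("innerHTML", html);
}

// The hardened form: the same data goes to textContent, which never parses HTML.
function safeFlow(fragment) {
  const hash = TaintedString.fromSource(fragment, "location.hash");
  return checkSink("textContent", hash.slice(1));
}

// Why server-side string comparison cannot see this flow: browsers do not send the
// fragment in the request line, so there is no request data to compare the response against.
function requestLineFor(urlString) {
  const u = new URL(urlString);
  return `GET ${u.pathname}${u.search} HTTP/1.1`;   // fragment deliberately absent
}
```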