Sogou, 360, travel, windows of the century, and other browsers are similar!
The software was originally developed based on the IE6 kernel system.
IE6 has already been updated
Now open http://www.baidu.com @ 2cto.com in IE6 to echo the syntax error message
The "@" character is filtered
However, there are no echo errors in browsers such as sogou, 360, travel, and window of the century.
Instead jump directly to the address http://2cto.com
Suppose a Forum supports HTML code.
The post content is: & lt; a href = "https://mybank.icbc.com.cn/icbc/perbank/regtip.jsp@www.sina.com.cn/" & gt; http://www.icbc.com.cn/</a>
So if the user is using one of the preceding browsers, the information displayed is the http://www.icbc.com.cn
But the actual address you click to enter is www.sina.com (what if it is a phishing address ......)
Proof of vulnerability:
Suppose a Forum supports HTML code.
The post content is: & lt; a href = "https://mybank.icbc.com.cn/icbc/perbank/regtip.jsp@www.sina.com.cn/" & gt; http://www.icbc.com.cn/</a>
So if the user is using one of the preceding browsers, the information displayed is the http://www.icbc.com.cn
But the actual address you click to enter is www.sina.com (what if it is a phishing address ......)
Solution:
Filter out.
Author Litteryi