Executing JavaScript from Flex: Is this javascript function dangerous?

I have a Flex application that needs the ability to generate and execute JavaScript. When I say this, I mean I need to execute raw JavaScript that I create in my Flex application (not just an existing JavaScript method).

I am currently doing this by exposing the following JavaScript method:

function doScript(js){ eval(js); } // executes whatever string the Flex side passes as JavaScript

I can then do something like this in Flex (note: I am doing something more substantial than an alert box in the real Flex app):

ExternalInterface.call("doScript", "alert('foo')");

My question is: does this impose any security risk? I am assuming it doesn't, since the Flex and JavaScript all run client side...

Is there a better way to do this?

mmattax asked Aug 21 '08 16:08



2 Answers

There's no need for the JavaScript function; the first argument to ExternalInterface can be any JavaScript code. It doesn't have to be a function name (the documentation says so, but it is wrong).

Try this:

ExternalInterface.call("alert('hello')");
Theo answered Oct 18 '22 15:10


This isn't inherently dangerous, but the moment you pass any user-provided data into the function, it's ripe for a code injection exploit. That's worrisome, and something I'd avoid. I think a better approach would be to only expose the functionality you need, and nothing more.

Funkatron answered Oct 18 '22 15:10
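The two approaches the answers contrast, as an added JavaScript example that is not part of the question or either answer: the eval-based bridge from the question beside a bridge that exposes only named actions with validated arguments, so the SWF can choose an action but can never supply code. The names ALLOWED_ACTIONS, callBridge, showMessage and setTitle are assumed for illustration; on the Flex side the hardened bridge would be reached as ExternalInterface.call("callBridge", "showMessage", text).

```javascript
// 1. The pattern from the question: whatever string Flex sends is run as code.
//    As soon as user-controlled text is spliced into that string, this is a
//    code-injection sink (the risk Funkatron's answer describes).
function doScript(js) {
  return eval(js); // eslint-disable-line no-eval
}

// 2. Hardened bridge (assumed design, not from the page): a frozen table of the
//    only actions the SWF may invoke, each with an explicit argument check.
//    Text arriving from Flex is only ever passed as a value, never evaluated.
const ALLOWED_ACTIONS = Object.freeze({
  showMessage: {
    validate: (args) =>
      args.length === 1 && typeof args[0] === "string" && args[0].length <= 200,
    run: (text) => `message:${text}`, // stand-in for a DOM update
  },
  setTitle: {
    validate: (args) => args.length === 1 && typeof args[0] === "string",
    run: (title) => `title:${title}`, // stand-in for document.title = title
  },
});

function callBridge(action, ...args) {
  // hasOwnProperty (not `in`) so inherited names like "constructor" or
  // "__proto__" cannot be selected as actions.
  if (!Object.prototype.hasOwnProperty.call(ALLOWED_ACTIONS, action)) {
    throw new Error(`bridge: unknown action "${action}"`);
  }
  const entry = ALLOWED_ACTIONS[action];
  if (!entry.validate(args)) {
    throw new Error(`bridge: bad arguments for "${action}"`);
  }
  return entry.run(...args);
}

// Constructed input: the same text handled by both bridges. The eval bridge
// executes it (returns 5); the action bridge treats it as data ("message:2+3").
const SAMPLE = "2+3";
doScript(SAMPLE);
callBridge("showMessage", SAMPLE);
```

Registering `callBridge` for the SWF replaces the open `doScript` entry point; each new capability the Flex side needs becomes one more entry in ALLOWED_ACTIONS rather than more raw code.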