any ideas to detect html manipulation on user client?


Postby delare » 2019-08-15 15:17

Hi,

Sorry for my English. Maybe it's not the right forum for this question, but I don't want to create an account on a special forum for just one question.

After I read an article about a security application that injects JavaScript into websites with something similar to a man-in-the-middle attack (the article says that), I asked myself: is there a way for me as website owner to detect this? (Yes, it is a Windows application that does it (not from MS).)

My intention is not to detect content blocking; I don't have ads on my website and I also use an extension for blocking stuff. I have no problem if someone blocks some stuff on my website.

The point is to protect the user and also me (website owner) from code injection by an unknown third party. If even the end user does not know that his application does code injection, who can really say that this is nothing to worry about?

The only thing I could do, after the server has generated the document, is to count the usual HTML tags like div, p, iframe, script, img, picture, a ... and compare this after loading with what the user finally got. Sure, the comparing is done with JavaScript, and he could disable it.
delare
 
Posts: 9
Joined: 2016-05-16 08:33

Re: any ideas to detect html manipulation on user client?

Postby pylkko » 2019-08-19 17:28

Not sure, never done it. But files are verified with hash sums; perhaps you could do that with some JS trickery. After all, the HTML page is a file... or many files linked, but you get the point.
pylkko
 
Posts: 1564
Joined: 2014-11-06 19:02

Re: any ideas to detect html manipulation on user client?

Postby delare » 2019-08-20 19:05

I think it does not work well. It is OK for static files like jpg, js, css and so on. But the problem with HTML is that a browser could complete tags if it thinks it's required.

As an example, you use a table tag with tr and td but without tbody. Not sure if all do this, but some add the missing tbody. It may also conflict with browser extensions that change the HTML.

This means the final HTML can have a different hash than the source from the server.

Hmm, yes, it's not easy to detect a potentially evil injection. Too many options for injection to detect them all.
delare
 
Posts: 9
Joined: 2016-05-16 08:33
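
The tag-count comparison discussed in this thread, made tolerant of the parser-inserted tbody case, as an added example that is not code from any poster. The manifest idea, the function names and the sample tag lists are assumptions constructed for illustration.

```javascript
// Added example (not from the thread). Elements the HTML parser may create on
// its own are skipped on both sides, so the tbody case does not raise a finding.
const PARSER_INSERTED = new Set(["html", "head", "body", "tbody", "colgroup"]);

// Count tag names, ignoring parser-inserted ones. The server runs this over the
// markup it generated; the client runs it over the DOM it ended up with.
function countTags(tagNames) {
  const counts = {};
  for (const raw of tagNames) {
    const tag = String(raw).toLowerCase();
    if (PARSER_INSERTED.has(tag)) continue;
    counts[tag] = (counts[tag] || 0) + 1;
  }
  return counts;
}

// Tag names of every element in a document (pass `document` in a browser).
function tagsOfDocument(doc) {
  return Array.from(doc.getElementsByTagName("*"), (el) => el.localName);
}

// Compare the server's manifest with the observed counts and list every
// tag whose count differs, whether elements were added or removed.
function diffCounts(expected, observed) {
  const findings = [];
  const tags = new Set([...Object.keys(expected), ...Object.keys(observed)]);
  for (const tag of [...tags].sort()) {
    const want = expected[tag] || 0;
    const got = observed[tag] || 0;
    if (want !== got) findings.push({ tag, expected: want, observed: got });
  }
  return findings;
}

// Constructed sample: the server sent a table without tbody and one script.
const SERVER_TAGS = ["html", "head", "title", "body", "table", "tr", "td", "td", "script"];
// Constructed sample: the browser added tbody, and a second script appeared.
const CLIENT_TAGS = ["html", "head", "title", "body", "table", "tbody", "tr", "td", "td", "script", "script"];

function demo() {
  return diffCounts(countTags(SERVER_TAGS), countTags(CLIENT_TAGS));
}

console.log(demo()); // one finding, for the extra script element
```

As the thread notes, browser extensions that alter the page also show up as differences, and the check does not run when JavaScript is disabled.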

