Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
R
R
rinaz222018-12-06 13:23:09
Information Security
rinaz22, 2018-12-06 13:23:09

Can a website be infected through javascript or other client language?

Hello! I want to add one feature to the site. To do this, users will enter links to html, css, js files. Question: Can my site be infected through these links?
This function is not related to the database in any way, so all that remains is the download of the shell, virus, etc. to the server.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
X
xmoonlight, 2019-07-26
@rinaz22

Check the markup when uploading files to make sure it matches the extension exactly.
After downloading - put in a folder with rights to prohibit the launch (execute).
If you do everything right, they won't be able to.

Report
S
stratosmi, 2018-12-06
@stratosmi

If you leave the possibility of these JS being executed, then they can easily slip a browser miner.

Similar questions
Y
YellowMongoose2020-01-21 13:10:10
How to secure a bitcoin wallet on a server? 2Reply
S
SemihalDevs2015-09-15 23:44:21
How to create a secure authorization algorithm? 2Reply
B
BotaniQ_Q2017-08-24 06:35:08
Vulnerabilities in Django? 1Reply
A
Adder12017-08-30 20:40:26
Why does a security officer need knowledge of physics? 3Reply
D
DollyPapper2017-09-01 20:35:50
What does a programmer need to know about information security and who does it in production? 6Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question