Code Tech

Bitsquatting and HTML document subresource integrity

If you have heard about bitsquatting, you would know that DNS can be hijacked without exploitation.

Bitsquatting refers to the registration of a domain names one bit different than a popular domain. The name comes from typosquatting: the act of registering domain names one key press different than a popular domain. Bitsquatting frequently resolved domain names makes it possible to exploit computer hardware errors via DNS.

A variety of HTML elements result in requests for resources that are to be embedded into the document, or executed in its context.

To support integrity metadata for some of these elements, a new integrity attribute is added to the list of content attributes for the link and script elements.

A corresponding integrity IDL attribute which reflects the value each element’s integrity content attribute is added to the HTMLLinkElement and HTMLScriptElement interfaces.

Note: A future revision of this specification is likely to include integrity support for all possible subresources, i.e., a, audio, embed, iframe, img, link, object, script, source, track, and video elements.

The integrity attribute

The integrity attribute represents integrity metadata for an element. The value of the attribute MUST be either the empty string, or at least one valid metadata as described by the following ABNF grammar:

integrity-metadata = *WSP hash-with-options *(1*WSP hash-with-options ) *WSP / *WSP
hash-with-options = hash-expression *(“?” option-expression)
option-expression = *VCHAR
hash-algo = <hash-algo production from [Content Security Policy Level 2, section 4.2]>
base64-value = <base64-value production from [Content Security Policy Level 2, section 4.2]>
hash-expression = hash-algo “-” base64-value
The integrity IDL attribute must reflect the integrity content attribute.

option-expressions are associated on a per hash-expression basis and are applied only to the hash-expression that immediately precedes it.

In order for user agents to remain fully forwards compatible with future options, the user agent MUST ignore all unrecognized option-expressions.

Note: Note that while the option-expression has been reserved in the syntax, no options have been defined. It is likely that a future version of the spec will define a more specific syntax for options, so it is defined here as broadly as possible.

With SRI you’re specifying a hash of the resource you’re loading in an integrity attribute, like so:

[code]
<script src=”http://www.example.org/script.js”
integrity=”sha256-DEC+zvj7g7TQNHduXs2G7b0IyOcJCTTBhRRzjoGi4Y4=”
crossorigin=”anonymous”>
</script>
[/code]

Like
Like Love Haha Wow Sad Angry

You Might Also Like

No Comments

Leave a Reply