How do we distinguish normal DOM modification(by web page itself) and abnormal DOM modification(by attacker)?
I found no way in mutation event of javascript. Is it possible?
Asked
Active
Viewed 58 times
0
-
First you have to define what you consider "abnormal DOM modification(by attacker)"? – RoToRa Dec 14 '11 at 13:33
-
HTML page includes Ajax, innerHTML etc. "Abnormal DOM mod." is every changes except that. – kwangbul Dec 15 '11 at 01:18
1 Answers
0
As far as I know there is no way to distinguish legitimate changes from not legitimate changes.
The closest you probably get is by using DOM mutation events but then again how can you distinguish the changes? Not all browsers support DOM Level 2 events (fully).
Martijn B
- 4,065
- 2
- 29
- 41
-
right. But I thinks It might be possible if i use jQuery. for example.. jQuery can access every elements that it can check the changes are from my script or not. – kwangbul Dec 15 '11 at 01:24
-
Don't think it's possible. But what is your goal by doing so? It doesn't give extra security. The "attacker" can always catch and alter the data send to a server. The only reason I can come up with is that you don't want tools like GreaseMonkey change the behaviour of your website but I repeat you can't guard against it. – Martijn B Dec 15 '11 at 08:53