Secure Content Sniffing for Web Browsers, or How to Stop Papers From Reviewing Themselves
Source: University of California
Cross-site scripting defenses often focus on HTML documents, neglecting attacks involving the browser's content-sniffing algorithm, which can treat non-HTML content as HTML. Web applications, such as the one that manages this conference, must defend themselves against these attacks or risk authors uploading malicious papers that automatically submit stellar self-reviews. This paper formulates content-sniffing XSS attacks and defenses. The paper studies content-sniffing XSS attacks systematically by constructing high-fidelity models of the content-sniffing algorithms used by four major browsers. The paper compares these models with Web site content filtering policies to construct attacks. To defend against these attacks, the paper proposes and implement a principled content-sniffing algorithm that provides security while maintaining compatibility.