XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser.
XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' session, an attacker might attack an administrator to gain full control over the application.
Impact
There are many different attacks that can be leveraged through the use of XSS, including:
Hi-jacking users' active session
Changing the look of the page within the victims browser.
Mounting a successful phishing attack.
Intercept data and perform man-in-the-middle attacks.
Remedy
The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML ensure that all active content is removed prior to its presentation to the server.
Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs only be defined once and should be used to sanitize and validate all subsequent input.
There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.
GET /Login.jsp?invalid='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000BF4)%3C/script%3E HTTP/1.1 Referer: https://xchange.demandware.com/Login User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: xchange.demandware.com Cookie: JSESSIONID=1800BBEC31CAB2F8C5C1F280F1088F88 Accept-Encoding: gzip, deflate Connection: Keep-Alive
Response
HTTP/1.0 200 OK Date: Fri, 29 Apr 2011 11:35:51 GMT P3P: CP="ALL DSP COR CUR ADMi TAI PSA IVA HIS OUR IND STA" Content-Type: text/html;charset=UTF-8 Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><title>Log In</title><META HTTP-EQUIV="pragma" CONTENT="no-cache"><META HTTP-EQUIV="cache-control" CONTENT="no-cache"><META HTTP-EQUIV="expires" CONTENT="0"><META HTTP-EQUIV="X-UA-Compatible" CONTENT="IE=EmulateIE7" /><link rel="SHORTCUT ICON" href="favicon.ico"><link rel="stylesheet" href="style/brandedCSS.css/key%3D1281721419192%26bannerColor%3D5781AE%26titleColor%3D0E0101%26baseFontFamily%3DCalibri%26baseFontSize%3D15px%26linkColor%3D3366CC.css"><link rel="stylesheet" media="print" href="version/3.8.0.347a/style/print.css" /><link rel="stylesheet" type="text/css" media="screen, projection" href="version/3.8.0.347a/style/integration.css" /><!--[if lte IE 6]><link rel="stylesheet" type="text/css" href="style/ie6.css" media="screen, projection" /><![endif]--><!--[if lte IE 7]><link rel="stylesheet" type="text/css" href="style/ie.css" media="screen, projection" /><![endif]--><script>function getProductNameString() {return "Helpstream"}function getProductVersionString() {return "3.8.0 Build 347"}function getProductCopyrightString() {return"© 2007\u002d2009 Helpstream\u002c Inc\u002e All Rights Reserved"}function getProductBuildDate() {return "2010/03/11 11:08"}</script><script type="text/javascript">(function() {var sa = null;var fn = function(msg) {if (msg == null || (msg == "" && sa == null)) return;if (sa == null) { try { sa = new StatusArea("", {id:"PODMessage", reserveArea:false, permanent:true}); var div = createEl("div"); document.body.insertBefore(div, document.body.firstChild); sa.Build(div); } catch (e) {return;}}if (msg != sa.text) {if (msg != "") { sa.Show(msg);} else { sa.Hide(); sa.text = "";}}}}).call(window);</script></head> <script src="version/3.8.0.347a/js/prototype.js"></script><script src="version/3.8.0.347a/js/ClientMessages.js/en_US/1281721418688"></script><script src="version/3.8.0.347a/js/Core.js"></script><script src="version/3.8.0.347a/js/Enumerations.js/1300356906030"></script><script src="version/3.8.0.347a/js/lang/calendar-en.js"></script> <script>var currentPerson = new XMLObject("Person");currentPerson.setId("8a8a8aa5119f669e01119f67f1090003");currentPerson.set("firstName", "Guest");currentPerson.set("lastName", "User");currentPerson.set("fullName", "Guest User");currentPerson.set("displayName", "Guest User");currentPerson.set("photoId", "");currentPerson.set("emailAddress", "");currentPerson.set("timeZone", "US\u002fEastern");currentPerson.set("ssoManaged", "false");currentPerson.set("surveyNextDate", "");currentPerson.set("localeId", "");currentPerson.privileges = {}currentPerson.hasPrivilege = function(p) { return p in this.privileges }currentPerson.getMinCaseConvDelayHours = function(forReplies) { return forReplies ? 2147483647 : 2147483647; }currentPerson.properties = {}currentPerson.hasProperty = function(p) { return p in this.properties }currentPerson.subscriptionIds = {};currentPerson.hasSubscriptionId = function(p) { return this.subscriptionIds[p] == true }currentPerson.effSubscriptionIds = {};currentPerson.hasEffectiveSubscriptionId = function(p) { return this.effSubscriptionIds[p] == true}currentPerson.groupIds = {"8a808145119a1d1801119a438f7b0007":true};currentPerson.inGroupId = function(p) { return this.groupIds[p] == true}currentPerson.isPoster = false;currentPerson.hasUseProcedure = false;currentPerson.isGuestUser = true;currentPerson.isAccountManager = false;currentPerson.isModerator = false;currentPerson.hasAccounts = true;currentPerson.hasProfiles = true;currentPerson.isCatPermOnly = true;currentPerson.hasContent = true;currentPerson.hasTopics = false;currentPerson.hasDocuments = true;currentPerson.hasChecklists = false;currentPerson.hasCases = true;currentPerson.hasPersonas = false;currentPerson.hasArticleTemplates = false;currentPerson.config = {caseMgmtExtras: true,noReputationAndRatings: false,noArticles: false,noQuestions: false,noDiscussions: false,noIdeas: false};currentPerson.canViewTypes = {"QuestionTopic" : true,"DiscussionTopic" : true}currentPerson.canViewType = function(p) { return p in this.canViewTypes }currentPerson.canAddTypesInPortal = {"QuestionTopic" : true,"DiscussionTopic" : true}currentPerson.canAddTypesInAgent = {"QuestionTopic" : true,"DiscussionTopic" : true}currentPerson.canAddType = function(p, navMode) { if (navMode==null) return false; return p in (navMode=="AGENT" ? this.canAddTypesInAgent : this.canAddTypesInPortal) }currentPerson.types = [];function getCurrentPerson() { return currentPerson;}currentPerson.isAdministrator = false;currentPerson.isAgentOrAdmin = false;currentPerson.isAgent = false;currentPerson.localeIndex = 0;currentPerson.getLocaleIndex = function() {return this.localeIndex;}currentPerson.locale = "en_US";currentPerson.getLocale = function() {return this.locale;}currentPerson.PORTAL = {showCaseMgmt: true,showWeb: true,showSubmitTicket: false,showSubmitReply: true,showExperts: false};currentPerson.AGENT = {showCaseMgmt: false,showWeb: true,showSubmitTicket: false,showSubmitReply: false,showExperts: true};</script><script type="text/javascript" src="version/3.8.0.347a/js/tiny_mce/tiny_mce.js"></script><script type="text/javascript" src="version/3.8.0.347a/js/editorManager.js"></script> <body class="main mainDots"><script> if (Reflection) Reflection.disable = true; var navMode = "PORTAL"; var navBreadcrumb = '<a class="breadcrumbLink" href="SupportPortal.jsp" onclick="Cookie.DeleteCookie(\"LAST_SEARCH\")" target=""><nobr>Support Home</nobr></a><img align="absmiddle" hspace="5" src="version/3.8.0.347a/images/category_sep.gif"/>'; var imageColor = "5781AE"; var highlightColor = "FF0000"; var onloadFunctions = []; var onresizeFunctions = []; var onloadRetry = 0; if (typeof(Static) != "undefined") Static.location = "version/3.8.0.347a/"; if (typeof(Version) != "undefined") Version.location = "version/3.8.0.347a/"; if (typeof(HelpContext) != "undefined") HelpContext.location = "https://xchange.demandware.com/SupportPortal.jsp?search=${searchTerms}"; var feeds = [];; onloadFunctions.push(Global.populateFeeds); function miscOnload() { if (getEl("loginBtnTop")) { var loginBtnTop = new Button({id:"loginBtnTop", label:Msgs.get("LOG_IN_BTN", "Log In"), style:"button2", paddingTop:0, postSpacerWidth:0, href: "Login.jsp?goto=" + document.location.href.URLEncode() }); loginBtnTop.Build(getEl("loginBtnTop")); } if (getEl("pageRightSearch")) { var sb = new SearchBox({inputWidth: "110px", focus: false, initialText: Msgs.get("SEARCH_ALL_BOX_TEXT", "search all", null, {htmlEncode:false}), initialTab: SearchBox.SECTION_ARTICLES, hideClear:true}); sb.Build(getEl("pageRightSearch")); } if (getEl("bannerAd")) Global.setBannerAd(); // save announcements in variable to show later Global.cachedAnnouncements = [ ]; var container = getEl("pageRightMySupport"); if (typeof(currentPerson) != "undefined" && currentPerson != null) { var guestActionAllowed = !currentPerson.canAddType("none", "PORTAL") || currentPerson.PORTAL.showSubmitReply; if (container && (!currentPerson.isGuestUser || (currentPerson.isGuestUser && guestActionAllowed))) { container.style.display = "block"; var mySupport = new MySupport(); mySupport.Build(container); } } } onloadFunctions.push(miscOnload); function doOnloadFunctions() { try { // make sure that Core javascript has been loaded first if (typeof("CoreJS") == "undefined" || !("loaded" in CoreJS) || !CoreJS.loaded) { if (++onloadRetry == 10) { document.location.reload(false); return; } window.setTimeout(doOnloadFunctions, 100); return; } for (var f in onloadFunctions) { if(!onloadFunctions.hasOwnProperty(f)) continue; onloadFunctions[f](); } callResizeWrapper(); YAHOO.util.Event.addListener(window, "resize", callResizeWrapper); pageComplete(); } catch (err) { Util.processError(err); } } function doOnresizeFunctions() { for (var f in onresizeFunctions) { if(!onresizeFunctions.hasOwnProperty(f)) continue; onresizeFunctions[f](); } } function callResizeWrapper() { ResizeWrapper.OnResize(doOnresizeFunctions) } function resizeBody() { try { var div = getEl("pageContentDiv"); var h = YAHOO.util.Dom.getViewportHeight() - YAHOO.util.Dom.getY("pageContentDiv") - 28; // 10px from mainFrame, 9px from image, 2px from mainFrameContent, 5px from innerFrameContent, plus 2px to prevent scrollbar h = h - getEl("footerContent").offsetHeight; var currHeight = div.offsetHeight; if (currHeight < h) // less than div.style.height = h + "px"; else if (currHeight > h && div.style.height != "auto") // greater than div.style.height = "auto"; } catch(e) {assert(false)} } onresizeFunctions.push(resizeBody); var HELPSTREAM = new Object(); Object.extend(HELPSTREAM, { onloadFunctions: onloadFunctions, getCurrentPerson: (typeof(getCurrentPerson) == "undefined") ? function() { return null; } : getCurrentPerson }); YAHOO.util.Event.onDOMReady(function() { window.setTimeout(doOnloadFunctions, 100); }); </script><div class="application-page mainPadding"><table cellpadding="0" cellspacing="0" class="mainFrame" id="mainFrame" width="100%"><tr><td class="mainFrameTl noprint"><img class="block" src="version/3.8.0.347a/style/images/main_frame_tl.gif"/></td><td class="mainFrameTopBottom"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td><td class="mainFrameTr noprint"><img class="block" src="version/3.8.0.347a/style/images/main_frame_tr.gif"/></td></tr><tr><td class="mainFrameLeftRight noprint"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td><td class="mainFrameContent"><table cellpadding="0" cellspacing="0" class="noprint"><tr><td><a border="0" href="https://demandware.helpstream.biz/SupportPortal.jsp"><img class="bannerLogo block" height="60" src="https://xchange.demandware.com/servlet/CompanyImage/1fdca759b11ac2b8e2a0ee1bf91e5bc4"/></a></td><td style="height:60px; vertical-align:middle"><div class="bannerName" id="bannerName">Community Portal</div></td><td style="height:60px"/></tr></table><table cellpadding="0" cellspacing="0" width="100%"><tr><td class="noprint offset-left"><img class="block" src="version/3.8.0.347a/style/images/banner_left_portal.gif?color=5781AE"/></td><td class="navigation-links"><table cellpadding="0" cellspacing="0" width="100%"><tr><td class="bannerMiddle noprint"><img class="block" src="version/3.8.0.347a/style/images/banner_middle.gif?color=5781AE"/></td><td class="bannerBkgrd noprint"/><td align="right" class="bannerBkgrdRight noprint" rowspan="2"><img class="block" src="version/3.8.0.347a/style/images/banner_right.gif?color=5781AE"/></td></tr><tr><td class="mainTabBkgrd noprint" colspan="2"><table cellpadding="0" cellspacing="0" width="100%"><tr><td class="mainTabUnselLeft"><img class="block" src="version/3.8.0.347a/style/images/main_tab_unsel_left_first.gif?color=5781AE"/></td><td class="mainTabUnselMiddleFirst"><a class="mainTabUnselLink" href="SupportPortal.jsp" onclick="Cookie.DeleteCookie('LAST_SEARCH')" target=""><nobr>Support Home</nobr></a></td><td class="mainTabUnselRight" onclick="Cookie.DeleteCookie('LAST_SEARCH');document.location.href = "SupportPortal.jsp"; 					"><img class="block" src="version/3.8.0.347a/style/images/main_tab_unsel_right.gif?color=5781AE"/></td><td><img class="block" height="23" src="version/3.8.0.347a/style/images/spacer.gif" width="7"/></td><td width="80%"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td></tr></table></td></tr><tr><td class="noprint" colspan="3"><table cellpadding="0" cellspacing="0" width="100%"><tr><td class="subTabAreaLeftShort noprint"><img class="block" src="version/3.8.0.347a/style/images/sub_tab_area_left_short.gif?color=5781AE"/></td><td class="subTabUnselBkgrdShort"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td></tr></table></td></tr><tr><td class="noprint" colspan="3"/></tr></table></td></tr><tr><td class="innerFrameContent" colspan="3" id="innerFrameContent" width="100%"><table width="100%"><tr><td id="pageContentDiv" width="100%"> <script language="JavaScript"> var PageGlobal = { changeLocale: function(selectObj) { var option = selectObj.options[selectObj.selectedIndex]; document.cookie = "locale=" + option.value; // save the current user if (getEl("username").value) { document.cookie = "AmbientUserID=" + escape(getEl("username").value); } Util.reloadPage(); }, pageLoad: function() { var isInstance = ("true" == "true"); var showPortalJoin = ("true" == "true"); var portalSiteName = "\u0043\u006f\u006d\u006d\u0075\u006e\u0069\u0074\u0079\u0020\u0050\u006f\u0072\u0074\u0061\u006c"; var isPortalLogin = ("true" == "true"); var debug = ""; if (debug != "") document.cookie = "DEBUG_ON=true"; var logging = ""; Logging.initLogging(logging); var loginBtn = new Button({ id:"loginBtn", label: Msgs.get("LOG_IN_BUTTON", "Log In"), style: "button3", paddingTop : 0, labelPadding: "0px 12px", onclick: { fn: function() { PageGlobal.doLogin("ApplicationLogin") } } }); loginBtn.Build(getEl("loginButtonDiv")); getEl("loginButtonDiv").button = loginBtn; // set the cookie for the locale - this way if they login from here, it will update the language from the cookie. // If a user switches browsers, or uses a different URL to get to the same instance, the cookies // won't be shared - and without this they might see a different language after logging in, based on the database value document.cookie = "locale=en_US"; if (getEl("joinDiv")) { var html = ""; if (isInstance) { var joinWorkspaceUrl = "JoinWorkspace.jsp"; if (showPortalJoin) html += "<table width='100%'><tr><td class=loginText>" + (isInstance ? Msgs.get("REQUEST_JOIN_SITENAME", "Request to join {0}", [portalSiteName]) : Msgs.get("MY_ORG_USING_HELPSTREAM", "My organization is already using Helpstream")) + "</td><td align=right id=joinBtn></td></tr></table>"; } else { var joinWorkspaceUrl = "JoinExisting.jsp"; html += "<table width='100%'><tr><td class=loginText>" + Msgs.get("MY_ORG_USING_HELPSTREAM", "My organization is already using Helpstream") + "</td><td align=right id=joinBtn></td></tr></table>"; html += "<table width='100%'><tr><td class=loginText>" + Msgs.get("FIRST_ORG_USE_HELPSTREAM", "I'm the first in my organization to use Helpstream") + "</td><td align=right id=signUpBtn></td></tr></table>"; } getEl("joinDiv").innerHTML = html; if (getEl("joinBtn")) { var joinBtn = new Button({ id:"joinBtn", label: Msgs.get("GET_LOGIN_BTN", "Get a login now"), style: "button", preSpacerWidth: 0, paddingTop: 0, onclick: { fn: function() {document.location = joinWorkspaceUrl} } }); joinBtn.Build(getEl("joinBtn")); } if (getEl("signUpBtn")) { var signUpBtn = new Button({ id:"signUpBtn", label: Msgs.get("SIGN_UP_PATHWORKS_BTN", "Sign up for Helpstream"), style: "button", preSpacerWidth: 0, paddingTop: 0, onclick: { fn: function() {document.location = "SignUp.jsp"} } }); signUpBtn.Build(getEl("signUpBtn")); } } // set err..
XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser.
Netsparker believes that there is a XSS (Cross-site Scripting) in here it could not confirm it. We strongly recommend investigating the issue manually to ensure that it is an XSS (Cross-site Scripting) and needs to be addressed.
XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' session, an attacker might attack an administrator to gain full control over the application.
Impact
There are many different attacks that can be leveraged through the use of XSS, including:
Hi-jacking users' active session
Changing the look of the page within the victims browser.
Mounting a successful phishing attack.
Intercept data and perform man-in-the-middle attacks.
Remedy
The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered / encoded. Output should be filtered / encoded according to the output format and location.
There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.
Due to content-type of the response exploitation of this vulnerability might not be possible in all browsers or might not be possible at all. Content-type indicates that there is a possibility of exploitation by changing the attack however Netsparker does not support confirming these issues. You need to manually confirm this problem. Generally lack of filtering in the response can cause Cross-site Scripting vulnerabilities in browsers with auto mime sniffing such as Internet Explorer.
Request
GET /style/brandedCSS.css/key%3D1281721419192%26bannerColor%3D5781AE%26titleColor%3D0E0101%26baseFontFamily%3DCalibri%26baseFontSize%3D15px%26linkColor%3D3366CC.css'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0007A5)%3C/script%3E HTTP/1.1 Referer: https://xchange.demandware.com/Login.jsp?goto=https%3A%2F%2Fxchange.demandware.com%2F User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: xchange.demandware.com Cookie: JSESSIONID=1800BBEC31CAB2F8C5C1F280F1088F88 Accept-Encoding: gzip, deflate Connection: Keep-Alive
Response
HTTP/1.0 200 OK Date: Fri, 29 Apr 2011 11:32:41 GMT P3P: CP="ALL DSP COR CUR ADMi TAI PSA IVA HIS OUR IND STA" Cache-Control: public,max-age=315360000,post-check=315360000,pre-check=315360000 ETag: W/"69626-1268334576000" Last-Modified: Thu, 11 Mar 2010 19:09:36 GMT Content-Type: text/css;charset=UTF-8 Content-Length: 71987 Connection: close
/* CSS FILE - YUI css, calendar css, followed by "OUR STUFF" css *//* Variables replaced are: Calibri 15px 383838 0E0101 3366CC.css'"--></style></script><script>netsparker(0x0007A5)</script> ?color=5781AE 3366CC.css'"--></style></script><script>netsparker(0x0007A5)</script> *//*reset-min.cssversion:2.2.0*/body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,form,fieldset,input,textarea,p,blockquote,th,td{margin:0;padding:0;}table{border-collapse:collapse;border-spacing:0}fieldset,img{border:0;}address,caption,cite,code,dfn,em,strong,th,var{font-style:normal;font-weight:normal;}ol,ul {list-style:none;}caption,th {text-align:left;}h1,h2,h3,h4,h5,h6{font-size:100%;font-weight:normal;}q:before,q:after{content:'';}abbr,acronym {border:0;}/*fonts-min.cssversion:2.2.0*/body {font:15px Calibri}table {font-size:inherit;font:100%;}select, input, textarea {font:99% Calibri;}pre, code {font:115% monospace;*font-size:100%;}body * {line-height:1.22em;}/*container.cssversion:2.2.0*/.yui-overlay { position:absolute; display:block;}.yui-tt { visibility:hidden; position:absolute; color:#333; background-color:#FDFFB4; font-family:Calibri; padding:2px; border:1px solid #FCC90D; font:100% sans-serif; width:auto;}* html body.masked select { visibility:hidden;}* html div.yui-panel-container select { visibility:inherit;}* html div.drag select { visibility:hidden;}* html div.hide-select select { visibility:hidden;}.mask { z-index:0; display:none; position:absolute; top:0; left:0; -moz-opacity:0.5; opacity:.50; filter:alpha(opacity=50); background-color:#CCC;}.hide-scrollbars * { overflow:hidden;}.hide-scrollbars textarea, .hide-scrollbars select { overflow:hidden; display:none;}.show-scrollbars textarea, .show-scrollbars select { overflow:visible;}.yui-panel-container { position:absolute; background-color:transparent; z-index:6; visibility:hidden; overflow:visible; width:auto;}.yui-panel-container.focused {}.yui-panel-container.matte { padding:3px; background-color:#FFF;}.yui-panel-container.matte .underlay { display:none;}.yui-panel-container.shadow { padding:0px; background-color:transparent;}.yui-panel-container.shadow .underlay { visibility:inherit; position:absolute; background-color:#CCC; top:3px;left:3px; z-index:0; width:100%; height:100%; -moz-opacity:0.7; opacity:.70; filter:alpha(opacity=70); zoom:1;}.yui-panel { visibility:hidden; border-collapse:separate; position:relative; left:0px;top:0px; font:1em Calibri; background-color:#FFF; z-index:1; overflow:hidden;}.yui-panel .hd { color:#FFF; font-size:100%; line-height:100%; border:1px solid #FFF; border-bottom:1px solid #E2E2E4; font-weight:bold;/* overflow:hidden; IE DOESN'T LIKE THIS FOR AUTO WIDTH PANEL, SO REMOVE */ padding:4px;}.yui-panel .bd { overflow:hidden; padding:1em; margin:0 0 1em;}/* .yui-panel .bd p { } REMOVED SINCE WE DON'T WANT MARGIN ADDED TO P */.yui-panel .container-close { position:absolute; top:5px; right:4px; z-index:6; height:12px; width:12px; margin:0px; padding:0px; background:url(version/3.8.0.347/images/close12_1.gif) no-repeat; cursor:pointer; visibility:inherit;}.yui-panel .ft { padding:4px;/* overflow:hidden; IE DOESN'T LIKE THIS FOR AUTO WIDTH PANEL, SO REMOVE */}.yui-simple-dialog .bd .yui-icon { background-repeat:no-repeat; width:16px; height:16px; margin-right:10px; float:left;}.yui-simple-dialog .bd span.blckicon { background:url("version/3.8.0.347/images/blck16_1.gif") no-repeat;}.yui-simple-dialog .bd span.alrticon { background:url("version/3.8.0.347/images/alrt16_1.gif") no-repeat;}.yui-simple-dialog .bd span.hlpicon { background:url("version/3.8.0.347/images/hlp16_1.gif") no-repeat;}.yui-simple-dialog .bd span.infoicon { background:url("version/3.8.0.347/images/info16_1.gif") no-repeat;}.yui-simple-dialog .bd span.warnicon { background:url("version/3.8.0.347/images/warn16_1.gif") no-repeat;}.yui-simple-dialog .bd span.tipicon { background:url("version/3.8.0.347/images/tip16_1.gif") no-repeat;}.yui-dialog .ft, .simple-dialog .ft { padding-bottom:5px; padding-right:5px; text-align:right;}.yui-dialog form, .yui-simple-dialog form { margin:0;}/*tree.cssversion:2.2.0*//* first or middle sibling, no children */.ygtvtn { width:20px; height:20px; background:url(version/3.8.0.347/images/tn.gif) 0 0 no-repeat; }/* first or middle sibling, collapsable */.ygtvtm { width:20px; height:20px; cursor:pointer ; background:url(version/3.8.0.347/images/tm.gif) 0 0 no-repeat; }/* first or middle sibling, collapsable, hover */.ygtvtmh { width:20px; height:20px; cursor:pointer ; background:url(version/3.8.0.347/images/tmh.gif) 0 0 no-repeat; }/* first or middle sibling, expandable */.ygtvtp { width:20px; height:20px; cursor:pointer ; background:url(version/3.8.0.347/images/tp.gif) 0 0 no-repeat; }/* first or middle sibling, expandable, hover */.ygtvtph { width:20px; height:20px; cursor:pointer ; background:url(version/3.8.0.347/images/tph.gif) 0 0 no-repeat; }/* last sibling, no children */.ygtvln { width:20px; height:20px; background:url(version/3.8.0.347/images/ln.gif) 0 0 no-repeat; }/* Last sibling, collapsable */.ygtvlm { width:20px; height:20px; cursor:pointer ; background:url(version/3.8.0.347/images/lm.gif) 0 0 no-repeat; }/* Last sibling, collapsable, hover */.ygtvlmh { width:20px; height:20px; cursor:pointer ; background:url(version/3.8.0.347/images/lmh.gif) 0 0 no-repeat; }/* Last sibling, expandable */.ygtvlp { width:20px; height:20px; cursor:pointer ; background:url(version/3.8.0.347/images/lp.gif) 0 0 no-repeat; }/* Last sibling, expandable, hover */.ygtvlph { width:20px; height:20px; cursor:pointer ; background:url(version/3.8.0.347/images/lph.gif) 0 0 no-repeat; }/* Loading icon */.ygtvloading { width:20px; height:20px; background:url(version/3.8.0.347/images/loading.gif) 0 0 no-repeat; }/* the style for the empty cells that are used for rendering the depth * of the node */.ygtvdepthcell { width:20px; height:20px; background:url(version/3.8.0.347/images/vline.gif) 0 0 no-repeat; }.ygtvblankdepthcell { width:20px; height:20px; }/* the style of the div around each node */.ygtvitem { } /* the style of the div around each node's collection of children */.ygtvchildren { } * html .ygtvchildren { height:2%; } /* the style of the text label in ygTextNode */.ygtvlabel, .ygtvlabel:link, .ygtvlabel:visited, .ygtvlabel:hover { margin-left:2px; text-decoration:none;}.ygtvspacer { height:10px; width:10px; margin:2px; }/*colorpicker.cssversion:2.3.0*/.yui-picker-panel{background:#e3e3e3;border-color:#888;}.yui-picker-panel .hd{background-color:#ccc;font-size:100%;line-height:100%;border:1px solid #e3e3e3;font-weight:bold;overflow:hidden;padding:6px;color:#000;}.yui-picker-panel .bd{background:#e8e8e8;margin:1px;height:200px;}.yui-picker-panel .ft{background:#e8e8e8;margin:1px;padding:1px;}.yui-picker{position:relative;}.yui-picker-hue-thumb{cursor:default;width:18px;height:18px;top:-8px;left:-2px;z-index:9;position:absolute;}.yui-picker-hue-bg{-moz-outline:none;outline:0px none;position:absolute;left:200px;height:183px;width:14px;background:url('version/3.8.0.347/images/hue_bg.png') no-repeat;top:4px;}.yui-picker-bg{-moz-outline:none;outline:0px none;position:absolute;top:4px;left:4px;height:182px;width:182px;background-color:#F00;background-image:url('version/3.8.0.347/images/picker_mask.png');}*html .yui-picker-bg{background-image:none;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='style/images/picker_mask.png',sizingMethod='scale');}.yui-picker-mask{position:absolute;z-index:1;top:0px;left:0px;}.yui-picker-thumb{cursor:default;width:11px;height:11px;z-index:9;position:absolute;top:-4px;left:-4px;}.yui-picker-swatch{position:absolute;left:240px;top:4px;height:60px;width:55px;border:1px solid #888;}.yui-picker-websafe-swatch{position:absolute;left:304px;top:4px;height:24px;width:24px;border:1px solid #888;}.yui-picker-controls{position:absolute;top:72px;left:226px;font:1em monospace;}.yui-picker-controls .hd{background:transparent;border-width:0px !important;}.yui-picker-controls .bd{height:100px;border-width:0px !important;}.yui-picker-controls ul{float:left;list-style:none;padding:0 2px 0 0;margin:0}.yui-picker-controls li{padding:2px;margin:0}.yui-picker-controls input{font-size:0.85em;width:2.4em;}.yui-picker-hex-controls{clear:both;padding:2px;}.yui-picker-hex-controls input{width:4.6em;}.yui-picker-controls a{font:1em Calibri;display:block;*display:inline-block;padding:0;color:#000;}/*menu.cssversion:2.3.0*//* Menu & MenuBar styles */.yuimenu { background-color:#f6f7ee; border:solid 1px #c4c4be; padding:1px; }/*The following style rule (".yuimenu.show-scrollbars") overrides the ".show-scrollbars" rule defined in container.css which sets the "overflow" property of a YAHOO.widget.Overlay instance's root HTML element to "auto" when it is visible. Without this override, a Menu would have scrollbarswhen one of its submenus is visible.*/.yuimenu.show-scrollbars { overflow: visible; }.yui-menu-shadow { display: none;}.yuimenu .yuimenu,.yuimenubar .yuimenu { position:absolute; visibility:hidden;}.yuimenubar { background-color:#f6f7ee; }.yuimenubar ul { *zoom:1;}.yuimenubar ul:after { content:"."; display:block; clear:both; visibility:hidden; height:0; line-height:0;}.yuimenu h6,.yuimenubar h6 { font-size:100%; font-weight:normal; margin:0; border:solid 1px #c4c4be; color:#b9b9b9; }.yuimenubar h6 { float:left; padding:4px 12px; border-width:0 1px 0 0;}.yuimenubar .yuimenu h6 { float:none;}.yuimenu h6 { border-width:1px 0 0 0; padding:5px 10px 0 10px;}.yuimenubar ul { list-style-type:none; margin:0; padding:0;}.yuimenu ul { list-style-type:none; border:solid 1px #c4c4be; border-width:1px 0 0 0; margin:0; padding:10px 0;}.yuimenu ul.first-of-type, .yuimenu ul.hastitle,.yuimenu h6.first-of-type { border-width:0;}.yuimenu .topscrollbar,.yuimenu .bottomscrollbar { height:16px; background-image:url('version/3.8.0.347/images/map.gif'); background-repeat:no-repeat;}.yuimenu .topscrollbar { background-image:url('version/3.8.0.347/images/map.gif'); background-position:center -72px;}.yuimenu .topscrollbar_disabled { background-image:url('version/3.8.0.347/images/map.gif'); background-position:center -88px;}.yuimenu .bottomscrollbar { background-image:url('version/3.8.0.347/images/map.gif'); background-position:center -104px;}.yuimenu .bottomscrollbar_disabled { background-image:url('version/3.8.0.347/images/map.gif'); background-position:center -120px;}/* MenuItem and MenuBarItem styles */.yuimenubaritem { float:left;}.yuimenuitemlabel,.yuimenubaritemlabel { white-space: nowrap; font-size:85%; display:block; color:#000; text-decoration:none;}.yuimenuitemlabel { padding:2px 24px; outline:none; }.yuimenubaritemlabel { border-width:0 0 0 1px; border-style:solid; border-color:#c4c4be; padding:4px 24px;}li.first-of-type .yuimenubaritemlabel { border-width:0;}.yuimenuitemlabel .helptext { font-style:normal; margin:0 0 0 40px; }.yuimenuitemlabel .submenuindicator,.yuimenuitemlabel .checkedindicator, .yuimenubaritemlabel .submenuindicator { display:block; height:8px; width:8px; overflow:hidden; vertical-align:middle; text-indent:9px; background-image:url('version/3.8.0.347/images/map.gif'); background-repeat:no-repeat;}.yuimenubaritemlabel .submenuindicator { display:-moz-inline-stack; /* Gecko */ display:inline-block; /* IE, Opera and Safari */ font:0/0 Calibri; /* Gecko */}.yuimenuitemlabel .submenuindicator { background-position:0 0;}.yuimenubaritemlabel .submenuindicator { background-position:0 -24px; margin:0 0 0 10px;}.yuimenuitemlabel .checkedindicator { background-position:0 -48px;}.visible .yuimenuitem,.visible .yuimenuitemlabel { *zoom:1;}.visible .yuimenuitemlabel .helptext { float:right; width:100%; text-align:right; margin:-1.2em 0 0 0; *cursor:pointer; /* Required to restore the style of the cursor in IE */}.visible .yuimenuitemlabel .submenuindicator { margin:-.9em -16px 4px auto; *margin:-.9em -16px 0 105%;}.visible .yuimenuitemlabel .checkedindicator { margin:-.9em auto 4px -16px; *margin-bottom:0;}/* Matches selected menu items */.yuimenuitem a.selected,.yuimenubaritem a.selected { background-color:#8c8ad0; text-decoration:underline; color:#fff;}.yuimenubaritem a.selected .submenuindicator { background-position:0 -32px;}.yuimenuitem a.selected .submenuindicator { background-position:0 -8px;}.yuimenuitem a.selected .checkedindicator { background-position:0 -56px;}/* Matches disabled menu items */.yuimenubaritem a.disabled .submenuindicator { background-position:0 -40px;}.yuimenuitem a.disabled { cursor:default; color:#b9b9b9;}.yuimenuitem a.disabled .submenuindicator { background-position:0 -16px;}.yuimenuitem a.disabled .checkedindicator { background-position:0 -64px;}/* CALENDAR CSS *//* The main calendar widget */.calendar { position: relative; display: none; border-top: 2px solid #fff; border-right: 2px solid #4C4C4C; border-bottom: 2px solid #4C4C4C; border-left: 2px solid #fff; font-size: 0.9em; color: #4C4C4C; cursor: default; background: #FFFFFF; z-index: 500000;}.calendar table { border-top: 1px solid #4C4C4C; border-right: 1px solid #fff; border-bottom: 1px solid #fff; border-left: 1px solid #4C4C4C; color: #4C4C4C; cursor: default; background: #FFFFFF;}/* Header part -- contains navigation buttons and day names. */.calendar .button { /* "<<", "<", ">", ">>" buttons have this class */ text-align: center; padding: 1px; border-top: 1px solid #fff; border-right: 1px solid #4C4C4C; border-bottom: 1px solid #4C4C4C; border-left: 1px solid #fff;}.calendar .nav { background: transparent url('version/3.8.0.347/images/menuarrow.gif') no-repeat 100% 100%; background-color: #E2E4E4;}.calendar thead .title { /* This holds the current "month, year" */ font-weight: bold; padding: 1px; border: 1px solid #4C4C4C; background: #2A8EBF; color: #fff; text-align: center;}.calendar thead .headrow { /* Row <TR> containing navigation buttons */ background-color: #E2E4E4;}.calendar thead .daynames { /* Row <TR> containing the day names */}.calendar thead .name { /* Cells <TD> containing the day names */ border-bottom: 1px solid #4C4C4C; padding: 2px; text-align: center; background: #D3EBF3;}.calendar thead .weekend { /* How a weekend day name shows in header */ color: #4C4C4C;}.calendar thead .hilite { /* How do the buttons in header appear when hover */ border-top: 2px solid #fff; border-right: 2px solid #4C4C4C; border-bottom: 2px solid #4C4C4C; border-left: 2px solid #fff; padding: 0px; background-color: #E2E4E4;}.calendar thead .active { /* Active (pressed) buttons in header */ padding: 2px 0px 0px 2px; border-top: 1px solid #4C4C4C; border-right: 1px solid #fff; border-bottom: 1px solid #fff; border-left: 1px solid #4C4C4C; background-color: #c4c0b8;}/* The body part -- contains all the days in month. */.calendar tbody .day { /* Cells <TD> containing month days dates */ width: 2em; text-align: right; padding: 2px 4px 2px 2px;}.calendar tbody .day.othermonth { font-size: 80%;}.calendar tbody .day.othermonth.oweekend {}.calendar table .wn { padding: 2px 3px 2px 2px; border-right: 1px solid #4C4C4C; background: #D3EBF3;}.calendar tbody .rowhilite td {}.calendar tbody .rowhilite td.wn { background: #A7D7E8;}.calendar tbody td.hilite { /* Hovered cells <TD> */ cursor: pointer; background-color : #FFF0C3;}.calendar tbody td.active { /* Active (pressed) cells <TD> */ background-color : #FFD14D;}.calendar tbody td.selected { /* Cell showing selected date */ font-weight: bold; padding: 2px 2px 0px 2px; background-color : #FFD14D;}.calendar tbody td.weekend { /* Cells showing weekend days */ color: #4C4C4C;}.calendar tbody td.today { /* Cell showing today date */ color: #4C4C4C; border: solid 1px #E3405C;}.calendar tbody .disabled { color: #999; }.calendar tbody .emptycell { /* Empty cells (the best is to hide them) */ visibility: hidden;}.calendar tbody .emptyrow { /* Empty row (some months need less than 6 rows) */ display: none;}/* The footer part -- status bar and "Close" button */.calendar tfoot .footrow { /* The <TR> in footer (only one right now) */}.calendar tfoot .ttip { /* Tooltip (status bar) cell <TD> */ background: #D3EBF3; padding: 1px; border: 1px solid #4C4C4C; background: #2A8EBF; color: #fff; text-align: center;}.calendar tfoot .hilite { /* Hover style for buttons in footer */ border-top: 1px solid #fff; border-right: 1px solid #4C4C4C; border-bottom: 1px solid #4C4C4C; border-left: 1px solid #fff; padding: 1px; background: #E2E4E4;}.calendar tfoot .active { /* Active (pressed) style for buttons in footer */ padding: 2px 0px 0px 2px; border-top: 1px solid #4C4C4C; border-right: 1px solid #fff; border-bottom: 1px solid #fff; border-left: 1px solid #4C4C4C;}/* Combo boxes (menus that display months/years for direct selection) */.calendar .combo { position: absolute; display: none; width: 4em; top: 0px; left: 0px; cursor: default; border-top: 1px solid #fff; border-right: 1px solid #4C4C4C; border-bottom: 1px solid #4C4C4C; border-left: 1px solid #fff; background: #E2E4E4; padding: 1px; z-index: 100;}.calendar .combo .label,.calendar .combo .label-IEfix { text-align: center; padding: 1px;}.calendar .combo .label-IEfix { width: 4em;}.calendar .combo .active { background: #c4c0b8; padding: 0px; border-top: 1px solid #4C4C4C; border-right: 1px solid #fff; border-bottom: 1px solid #fff; border-left: 1px solid #4C4C4C;}.calendar .combo .hilite { background: #048; color: #fea;}.calendar td.time { border-top: 1px solid #4C4C4C; padding: 1px 0px; text-align: center; background-color: #D3EBF3;}.calendar td.time .hour,.calendar td.time .minute,.calendar td.time .ampm { padding: 0px 3px 0px 4px; border: 1px solid #889; font-weight: bold; background-color: #fff;}.calendar td.time .ampm { text-align: center;}.calendar td.time .colon { padding: 0px 2px 0px 3px; font-weight: bold;}.calendar td.time span.hilite { border-color: #4C4C4C; background-color: #766; color: #fff;}.calendar td.time span.active { border-color: #f00; background-color: #4C4C4C; color: #0f0;}/* OUR STUFF */BODY {margin:0; font-family:Calibri; color:#383838}P {line-height:1.22em}TD {vertical-align:top}UL {list-style:square; margin-left:40px}OL {list-style:decimal; margin-left:40px}EM {font-style:italic}STRONG {font-weight:bold}EM STRONG {font-weight: bold; font-style: italic} /* IE needs this for nested versions of these tags because of reset.css */STRONG EM {font-weight: bold; font-style: italic}BUTTON {font-family:Calibri;padding:0px;margin:0px}.bodyColor {color:#383838}.bodyLight {color:#8B8B8B}.baseSize {font-size:15px}.smaller {font-size:92%}.smallest {font-size:85%}.larger {font-size:114%}A {color:#3366CC.css'"--></style></script><script>netsparker(0x0007A5)</script>; cursor:pointer; text-decoration:none}A:hover {text-decoration:underline}A.lighter {..
The Server responded with an HTTP status 500. This indicates that there is a server-side error. Reasons may vary. The behavior should be analysed carefully. If Netsparker is able to find a security issue in the same resource it will report this as a separate vulnerability.
Impact
The impact may vary depending on the condition. Generally this indicates poor coding practices, not enough error checking, sanitization and whitelisting. However there might be a bigger issue such as SQL Injection. If that's the case Netsparker will check for other possible issues and report them separately.
Remedy
Analyse this issue and review the application code in order to handle unexpected errors, this should be a generic practice which does not disclose further information upon an error. All errors should be handled server side only.
GET /version/ HTTP/1.1 Referer: https://xchange.demandware.com/version/3.8.0.347a/style/print.css User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: xchange.demandware.com Cookie: JSESSIONID=1800BBEC31CAB2F8C5C1F280F1088F88 Accept-Encoding: gzip, deflate Connection: Keep-Alive
Response
HTTP/1.0 500 Internal Server Error Date: Fri, 29 Apr 2011 11:32:00 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1872 Connection: close
<html><head><title>Apache Tomcat/5.5.16 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 500 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Exception report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>The server encountered an internal error () that prevented it from fulfilling this request.</u></p><p><b>exception</b> <pre>java.lang.StringIndexOutOfBoundsException: String index out of range: -1 java.lang.String.substring(Unknown Source) com.pathworkssoftware.servlet.VersionedFileServlet.doGet(VersionedFileServlet.java:50) javax.servlet.http.HttpServlet.service(HttpServlet.java:689) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) com.pathworkssoftware.servlet.InstanceServlet.doGet(InstanceServlet.java:126) javax.servlet.http.HttpServlet.service(HttpServlet.java:689) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) com.pathworkssoftware.filter.URLRewriteFilter.doFilter(URLRewriteFilter.java:83) com.pathworkssoftware.filter.ReconstituteHttpSessionFilter.doFilter(ReconstituteHttpSessionFilter.java:111)</pre></p><p><b>note</b> <u>The full stack trace of the root cause is available in the Apache Tomcat/5.5.16 logs.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/5.5.16</h3></body></html>
"Auto Complete" was enabled in one or more of the form fields. These were either "password" fields or important fields such as "Credit Card".
Impact
Data entered in these fields will be cached by the browser. An attacker who can access the victim's browser could steal this information. This is especially important if the application is commonly used in shared computers such as cyber cafes or airport terminals.
Remedy
Add the attribute autocomplete="off" to the form tag or to individual "input" fields.
Actions to Take
See the remedy for the solution.
Find all instances of inputs which store private data and disable autocomplete. Fields which contain data such as "Credit Card" or "CCV" type data should not be cached. You can allow the application to cache usernames and remember passwords, however, in most cases this is not recommended.
Re-scan the application after addressing the identified issues to ensure that all of the fixes have been applied properly.
Required Skills for Successful Exploitation
Dumping all data from a browser can be fairly easy and there exist a number of automated tools to undertake this. Where the attacker cannot dump the data, he/she could still browse the recently visited websites and activate the auto-complete feature to see previously entered values.
GET /Login.jsp?goto=https%3A%2F%2Fxchange.demandware.com%2F HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: xchange.demandware.com Accept-Encoding: gzip, deflate Connection: Keep-Alive
Response
HTTP/1.0 200 OK Date: Fri, 29 Apr 2011 11:31:51 GMT P3P: CP="ALL DSP COR CUR ADMi TAI PSA IVA HIS OUR IND STA" Set-Cookie: JSESSIONID=661E040FBA5CA4C37211B005541BF72E; Path=/; Secure Content-Type: text/html;charset=UTF-8 Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><title>Log In</title><META HTTP-EQUIV="pragma" CONTENT="no-cache"><META HTTP-EQUIV="cache-control" CONTENT="no-cache"><META HTTP-EQUIV="expires" CONTENT="0"><META HTTP-EQUIV="X-UA-Compatible" CONTENT="IE=EmulateIE7" /><link rel="SHORTCUT ICON" href="favicon.ico"><link rel="stylesheet" href="style/brandedCSS.css/key%3D1281721419192%26bannerColor%3D5781AE%26titleColor%3D0E0101%26baseFontFamily%3DCalibri%26baseFontSize%3D15px%26linkColor%3D3366CC.css"><link rel="stylesheet" media="print" href="version/3.8.0.347a/style/print.css" /><link rel="stylesheet" type="text/css" media="screen, projection" href="version/3.8.0.347a/style/integration.css" /><!--[if lte IE 6]><link rel="stylesheet" type="text/css" href="style/ie6.css" media="screen, projection" /><![endif]--><!--[if lte IE 7]><link rel="stylesheet" type="text/css" href="style/ie.css" media="screen, projection" /><![endif]--><script>function getProductNameString() {return "Helpstream"}function getProductVersionString() {return "3.8.0 Build 347"}function getProductCopyrightString() {return"© 2007\u002d2009 Helpstream\u002c Inc\u002e All Rights Reserved"}function getProductBuildDate() {return "2010/03/11 11:08"}</script><script type="text/javascript">(function() {var sa = null;var fn = function(msg) {if (msg == null || (msg == "" && sa == null)) return;if (sa == null) { try { sa = new StatusArea("", {id:"PODMessage", reserveArea:false, permanent:true}); var div = createEl("div"); document.body.insertBefore(div, document.body.firstChild); sa.Build(div); } catch (e) {return;}}if (msg != sa.text) {if (msg != "") { sa.Show(msg);} else { sa.Hide(); sa.text = "";}}}}).call(window);</script></head> <script src="version/3.8.0.347a/js/prototype.js"></script><script src="version/3.8.0.347a/js/ClientMessages.js/en_US/1281721418688"></script><script src="version/3.8.0.347a/js/Core.js"></script><script src="version/3.8.0.347a/js/Enumerations.js/1300356906030"></script><script src="version/3.8.0.347a/js/lang/calendar-en.js"></script> <body class="main mainDots" style="visibility:hidden"><script> var navMode = "PORTAL"; var imageColor = "5781AE"; var highlightColor = "FF0000"; var onloadFunctions = []; var onunloadFunctions = []; var onresizeFunctions = []; var onloadRetry = 0; if (typeof(Static) != "undefined") Static.location = "version/3.8.0.347a/"; if (typeof(Version) != "undefined") Version.location = "version/3.8.0.347a/"; if (typeof(HelpContext) != "undefined") HelpContext.location = "https://xchange.demandware.com/SupportPortal.jsp?search=${searchTerms}"; function doOnloadFunctions() { try { // make sure that Core javascript has been loaded first if (typeof("CoreJS") == "undefined" || !("loaded" in CoreJS) || !CoreJS.loaded) { if (++onloadRetry == 10) { document.location.reload(false); return; } window.setTimeout(doOnloadFunctions, 100); return; } document.body.style.visibility = ""; for (var f in onloadFunctions) { if(!onloadFunctions.hasOwnProperty(f)) continue; onloadFunctions[f].call(window); } callResizeWrapper(); YAHOO.util.Event.addListener(window, "resize", callResizeWrapper); pageComplete(); } catch (err) { Util.processError(err); } } function doOnunloadFunctions() { for (var f in onunloadFunctions) { if(!onunloadFunctions.hasOwnProperty(f)) continue; onunloadFunctions[f].call(window); } } function doOnresizeFunctions() { for (var f in onresizeFunctions) { if(!onresizeFunctions.hasOwnProperty(f)) continue; onresizeFunctions[f].call(window); } } function callResizeWrapper() { ResizeWrapper.OnResize(doOnresizeFunctions) } function resizeBody() { try { var h = YAHOO.util.Dom.getViewportHeight() - YAHOO.util.Dom.getY("pageContentDiv") - 28; // 10px from mainFrame, 9px from image, 2px from mainFrameContent, 5px from innerFrameContent, plus 2px to prevent scrollbar h = h - 17; var currHeight = getEl("pageContentDiv").offsetHeight; if (currHeight < h) // less than getEl("pageContentDiv").style.height = h + "px"; } catch(e) {assert(false)} } onresizeFunctions.push(resizeBody); YAHOO.util.Event.onDOMReady(function() { window.setTimeout(doOnloadFunctions, 100); }); YAHOO.util.Event.addListener(window, "unload", doOnunloadFunctions); </script><div class="application-page mainPadding"><table cellpadding="0" cellspacing="0" class="mainFrame" id="mainFrame" width="100%"><tr><td class="mainFrameTl noprint"><img class="block" src="version/3.8.0.347a/style/images/main_frame_tl.gif"/></td><td class="mainFrameTopBottom"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td><td class="mainFrameTr noprint"><img class="block" src="version/3.8.0.347a/style/images/main_frame_tr.gif"/></td></tr><tr><td class="mainFrameLeftRight noprint"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td><td class="mainFrameContent"><table cellpadding="0" cellspacing="0" class="noprint"><tr><td><a border="0" href="https://demandware.helpstream.biz/SupportPortal.jsp"><img class="bannerLogo block" height="60" src="https://xchange.demandware.com/servlet/CompanyImage/1fdca759b11ac2b8e2a0ee1bf91e5bc4"/></a></td><td style="height:60px; vertical-align:middle"><div class="bannerName" id="bannerName">Community Portal</div></td><td style="height:60px"/></tr></table><table cellpadding="0" cellspacing="0" id="loginBannerBar" width="100%"><tr><td class="loginBannerLeft noprint"/><td align="right" class="loginBannerMiddle noprint"><img class="block" src="version/3.8.0.347a/style/images/login_banner_right.gif?color=5781AE"/></td></tr></table></td><td class="mainFrameLeftRight noprint"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td></tr><tr><td class="mainFrameLeftRight"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td><td class="mainFrameContent"><div class="innerFrameContent" id="innerFrameContent"><div id="pageContentDiv"> <script language="JavaScript"> var PageGlobal = { changeLocale: function(selectObj) { var option = selectObj.options[selectObj.selectedIndex]; document.cookie = "locale=" + option.value; // save the current user if (getEl("username").value) { document.cookie = "AmbientUserID=" + escape(getEl("username").value); } Util.reloadPage(); }, pageLoad: function() { var isInstance = ("true" == "true"); var showPortalJoin = ("true" == "true"); var portalSiteName = "\u0043\u006f\u006d\u006d\u0075\u006e\u0069\u0074\u0079\u0020\u0050\u006f\u0072\u0074\u0061\u006c"; var isPortalLogin = ("false" == "true"); var debug = ""; if (debug != "") document.cookie = "DEBUG_ON=true"; var logging = ""; Logging.initLogging(logging); var loginBtn = new Button({ id:"loginBtn", label: Msgs.get("LOG_IN_BUTTON", "Log In"), style: "button3", paddingTop : 0, labelPadding: "0px 12px", onclick: { fn: function() { PageGlobal.doLogin("ApplicationLogin") } } }); loginBtn.Build(getEl("loginButtonDiv")); getEl("loginButtonDiv").button = loginBtn; // set the cookie for the locale - this way if they login from here, it will update the language from the cookie. // If a user switches browsers, or uses a different URL to get to the same instance, the cookies // won't be shared - and without this they might see a different language after logging in, based on the database value document.cookie = "locale=en_US"; if (getEl("joinDiv")) { var html = ""; if (isInstance) { var joinWorkspaceUrl = "JoinWorkspace.jsp"; if (showPortalJoin) html += "<table width='100%'><tr><td class=loginText>" + (isInstance ? Msgs.get("REQUEST_JOIN_SITENAME", "Request to join {0}", [portalSiteName]) : Msgs.get("MY_ORG_USING_HELPSTREAM", "My organization is already using Helpstream")) + "</td><td align=right id=joinBtn></td></tr></table>"; } else { var joinWorkspaceUrl = "JoinExisting.jsp"; html += "<table width='100%'><tr><td class=loginText>" + Msgs.get("MY_ORG_USING_HELPSTREAM", "My organization is already using Helpstream") + "</td><td align=right id=joinBtn></td></tr></table>"; html += "<table width='100%'><tr><td class=loginText>" + Msgs.get("FIRST_ORG_USE_HELPSTREAM", "I'm the first in my organization to use Helpstream") + "</td><td align=right id=signUpBtn></td></tr></table>"; } getEl("joinDiv").innerHTML = html; if (getEl("joinBtn")) { var joinBtn = new Button({ id:"joinBtn", label: Msgs.get("GET_LOGIN_BTN", "Get a login now"), style: "button", preSpacerWidth: 0, paddingTop: 0, onclick: { fn: function() {document.location = joinWorkspaceUrl} } }); joinBtn.Build(getEl("joinBtn")); } if (getEl("signUpBtn")) { var signUpBtn = new Button({ id:"signUpBtn", label: Msgs.get("SIGN_UP_PATHWORKS_BTN", "Sign up for Helpstream"), style: "button", preSpacerWidth: 0, paddingTop: 0, onclick: { fn: function() {document.location = "SignUp.jsp"} } }); signUpBtn.Build(getEl("signUpBtn")); } } // set error messages var invalid = ""; if (getEl("loginHelpDiv")) getEl("loginHelpDiv").innerHTML = getHelpContextLink("LOGIN"); PageGlobal.showMessage(invalid); // test supported browser, but warn once only try { var ver = Number(Global.browserVersion); if (!isNaN(ver) && !((Global.IsInternetExplorer && ver >= 6.0) || (Global.IsFirefox && ver >= 2.0) || (Global.IsSafari && ver >= 3.0) || Global.IsChrome)) { var prevUnsuppBrowser = Cookie.GetCookie("UNSUPPORTED_BROWSER"); if (prevUnsuppBrowser == null || prevUnsuppBrowser == "" || prevUnsuppBrowser != navigator.userAgent) { Util.alertMessage(Msgs.get("UNSUPPORTED_BROWSER", "Warning: The browser you are using is not officially supported. We recommend using one of the following supported browsers:") + "\n\n - " + Msgs.get("SUPPORTED_BROWSER_IE", "Internet Explorer 6 and up") + "\n - " + Msgs.get("SUPPORTED_BROWSER_FIREFOX", "Firefox 2.0 and up") + "\n - " + Msgs.get("SUPPORTED_BROWSER_SAFARI", "Safari 3.0 and up") + "\n\n" + Msgs.get("UNSUPPORTED_BROWSER_INSTR", "You may continue to login with your current browser but may experience page layout issues.")); Cookie.SetCookie("UNSUPPORTED_BROWSER", navigator.userAgent); } } } catch(e) {} if (Global.IsSmallScreen) { getEl("loginArea").style.marginTop = "2px"; for (var elem in {box1: null, box2: null, box3: null}) { if (getEl(elem)) getEl(elem).style.paddingTop = "3px"; } } // show special messages portalLogin depending on destination URL if (isPortalLogin) { PageGlobal.showSpecialInstructions(); } // show center content var centerContent = getEl("centerContent"); var loginBannerBar = getEl("loginBannerBar"); if (loginBannerBar == null) { centerContent.style.visibility = ""; getEl("pageContentDiv").style.width = "auto"; } else { var elemsHash = {boxTitleTl_1: "boxTitleRedTl", boxTitleTop_1: "boxTitleRedTop", boxTitleTr_1: "boxTitleRedTr", boxTitleTl_2: "boxTitleRedTl", boxTitleTop_2: "boxTitleRedTop", boxTitleTr_2: "boxTitleRedTr"}; for (var elem in elemsHash) { if (getEl(elem)) getEl(elem).className = elemsHash[elem]; } centerContent.style.position = "absolute"; centerContent.style.zIndex = 6; var hackOffset = (Global.IsInternetExplorer ? -2 : 0); centerContent.style.top = (YAHOO.util.Dom.getY(loginBannerBar) + hackOffset + loginBannerBar.offsetHeight - 10) + "px"; // 10px is the overlap of boxes over login bar PageGlobal.pageResize(); centerContent.style.visibility = ""; onresizeFunctions.push(PageGlobal.pageResize); } try { if (getEl("username")) { if (getEl("username").value != "") getEl("password").focus(); else getEl("username").focus(); } } catch(e) {} }, showMessage: function(invalid) { if (invalid == "") return; var msgArea = getEl("messageArea"); var anim = false; var sectionDiv = getEl("messageAreaSectionDiv"); if (sectionDiv == null) { var section = new Section("", {style: "link", isCollapsable: false}); sectionDiv = section.Build(msgArea); sectionDiv.id = "messageAreaSectionDiv"; anim = true; } // check invalid login var msg = ""; switch (invalid) { case "1176": msg = Msgs.get("LOGIN_PASSWORD_FAILED", "The login and password do not match an account in the system."); break; case "1027": msg = Msgs.get("LOGIN_UNLICENSED_USER", "The user does not have a license to use the system."); break; case "1034": msg = Msgs.get("ERROR_NO_GUEST_ACCOUNT", "A guest user must exist to enable public access mode."); break; case "1120": msg = Msgs.get("ERROR_GUEST_REQUIRES_ENTERPRISE", "Public access requires a Public Access license."); break; case "1191": msg = Msgs.get("ERROR_SESSION_EXPIRED", "Your session has expired."); break; case "1295" : msg = Msgs.get("ERROR_NO_SUCH_GOOGLE_USER", "The Google account '{0}' is not associated with a Helpstream user. To link your account to Helpstream, log in using your Helpstream credentials first, and click into your profile.", [""]); break; case "1299" : msg = Msgs.get("ERROR_NO_SUCH_SALESFORCE_USER", "The Salesforce.com account '{0}' is not associated with a Helpstream user. To link your account to Helpstream, log in using your Helpstream credentials first, and click into your profile.", [""]); break; case "1306" : msg = Msgs.get("ERROR_NO_SUCH_ORACLE_USER", "The Oracle CRM On-Demand account '{0}' is not associated with a Helpstream user. To link your account to Helpstream, log in using your Helpstream credentials first, and click into your profile.", [""]); break; default : msg = invalid; } sectionDiv.innerHTML = "<span class=invalidLogin>" + msg + "</span>"; if (anim) { var anim = new YAHOO.util.Anim("messageArea", {height: {from: 0, to: Util.getAutoHeight(getEl("messageArea"))}}, 0.5); anim.animate(); anim.onComplete.subscribe(function() {getEl("messageArea").style.height = "auto"}); } else { var anim = new YAHOO.util.ColorAnim(sectionDiv, {backgroundColor: { from: '#ff0000', to: '#ffffff' } }, 0.5); anim.animate(); } }, showSpecialInstructions: function() { var gotoUrl = "\u0068\u0074\u0074\u0070\u0073\u003a\u002f\u002f\u0078\u0063\u0068\u0061\u006e\u0067\u0065\u002e\u0064\u0065\u006d\u0061\u006e\u0064\u0077\u0061\u0072\u0065\u002e\u0063\u006f\u006d\u002f"; var msg = Msgs.get("CURRENTLY_GUEST_ACCESS", "You currently have guest access."); var title = null; var helpContext = null; if (gotoUrl.indexOf("/NewCase.jsp") != -1) { title = Msgs.get("NEW_CASE_TITLE", "New Case"); helpContext = "NEW_TICKET_GUEST"; msg += " <b>" + Msgs.get("LOGIN_SUBMIT_CASE", "Please login to submit a case") + "</b>"; var emailFrom = "suptest@demandware.com"; if (emailFrom != "") msg += " " + Msgs.get("OR_SUBMIT_CASE_TO_EMAIL_HTML", "OR email case details to <a class=underline href='{0}'><b>{1}</b></a>", ["mailto:" + emailFrom, emailFrom]); msg += "."; // right links RightLinks.Build({divId: "pageRightActions", divIdToHideIfEmpty: "pageRightActionsArea", links: ["Browse"]}); } else if (gotoUrl.indexOf("/NewTopic.jsp") != -1) { if (gotoUrl.indexOf("..
Cookie was not marked as HTTPOnly. HTTPOnly cookies can not be read by client-side scripts therefore marking a cookie as HTTPOnly can provide an additional layer of protection against Cross-site Scripting attacks..
Impact
During a Cross-site Scripting attack an attacker might easily access cookies and hijack the victim's session.
Actions to Take
See the remedy for solution
Consider marking all of the cookies used by the application as HTTPOnly (After these changes javascript code will not able to read cookies.
Remedy
Mark the cookie as HTTPOnly. This will be an extra layer of defence against XSS. However this is not a silver bullet and will not protect the system against Cross-site Scripting attacks. An attacker can use a tool such as XSS Tunnel to bypass HTTPOnly protection.
GET /Login.jsp?goto=https%3A%2F%2Fxchange.demandware.com%2F HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: xchange.demandware.com Accept-Encoding: gzip, deflate Connection: Keep-Alive
Response
HTTP/1.0 200 OK Date: Fri, 29 Apr 2011 11:31:51 GMT P3P: CP="ALL DSP COR CUR ADMi TAI PSA IVA HIS OUR IND STA" Set-Cookie: JSESSIONID=661E040FBA5CA4C37211B005541BF72E; Path=/; Secure Content-Type: text/html;charset=UTF-8 Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><title>Log In</title><META HTTP-EQUIV="pragma" CONTENT="no-cache"><META HTTP-EQUIV="cache-control" CONTENT="no-cache"><META HTTP-EQUIV="expires" CONTENT="0"><META HTTP-EQUIV="X-UA-Compatible" CONTENT="IE=EmulateIE7" /><link rel="SHORTCUT ICON" href="favicon.ico"><link rel="stylesheet" href="style/brandedCSS.css/key%3D1281721419192%26bannerColor%3D5781AE%26titleColor%3D0E0101%26baseFontFamily%3DCalibri%26baseFontSize%3D15px%26linkColor%3D3366CC.css"><link rel="stylesheet" media="print" href="version/3.8.0.347a/style/print.css" /><link rel="stylesheet" type="text/css" media="screen, projection" href="version/3.8.0.347a/style/integration.css" /><!--[if lte IE 6]><link rel="stylesheet" type="text/css" href="style/ie6.css" media="screen, projection" /><![endif]--><!--[if lte IE 7]><link rel="stylesheet" type="text/css" href="style/ie.css" media="screen, projection" /><![endif]--><script>function getProductNameString() {return "Helpstream"}function getProductVersionString() {return "3.8.0 Build 347"}function getProductCopyrightString() {return"© 2007\u002d2009 Helpstream\u002c Inc\u002e All Rights Reserved"}function getProductBuildDate() {return "2010/03/11 11:08"}</script><script type="text/javascript">(function() {var sa = null;var fn = function(msg) {if (msg == null || (msg == "" && sa == null)) return;if (sa == null) { try { sa = new StatusArea("", {id:"PODMessage", reserveArea:false, permanent:true}); var div = createEl("div"); document.body.insertBefore(div, document.body.firstChild); sa.Build(div); } catch (e) {return;}}if (msg != sa.text) {if (msg != "") { sa.Show(msg);} else { sa.Hide(); sa.text = "";}}}}).call(window);</script></head> <script src="version/3.8.0.347a/js/prototype.js"></script><script src="version/3.8.0.347a/js/ClientMessages.js/en_US/1281721418688"></script><script src="version/3.8.0.347a/js/Core.js"></script><script src="version/3.8.0.347a/js/Enumerations.js/1300356906030"></script><script src="version/3.8.0.347a/js/lang/calendar-en.js"></script> <body class="main mainDots" style="visibility:hidden"><script> var navMode = "PORTAL"; var imageColor = "5781AE"; var highlightColor = "FF0000"; var onloadFunctions = []; var onunloadFunctions = []; var onresizeFunctions = []; var onloadRetry = 0; if (typeof(Static) != "undefined") Static.location = "version/3.8.0.347a/"; if (typeof(Version) != "undefined") Version.location = "version/3.8.0.347a/"; if (typeof(HelpContext) != "undefined") HelpContext.location = "https://xchange.demandware.com/SupportPortal.jsp?search=${searchTerms}"; function doOnloadFunctions() { try { // make sure that Core javascript has been loaded first if (typeof("CoreJS") == "undefined" || !("loaded" in CoreJS) || !CoreJS.loaded) { if (++onloadRetry == 10) { document.location.reload(false); return; } window.setTimeout(doOnloadFunctions, 100); return; } document.body.style.visibility = ""; for (var f in onloadFunctions) { if(!onloadFunctions.hasOwnProperty(f)) continue; onloadFunctions[f].call(window); } callResizeWrapper(); YAHOO.util.Event.addListener(window, "resize", callResizeWrapper); pageComplete(); } catch (err) { Util.processError(err); } } function doOnunloadFunctions() { for (var f in onunloadFunctions) { if(!onunloadFunctions.hasOwnProperty(f)) continue; onunloadFunctions[f].call(window); } } function doOnresizeFunctions() { for (var f in onresizeFunctions) { if(!onresizeFunctions.hasOwnProperty(f)) continue; onresizeFunctions[f].call(window); } } function callResizeWrapper() { ResizeWrapper.OnResize(doOnresizeFunctions) } function resizeBody() { try { var h = YAHOO.util.Dom.getViewportHeight() - YAHOO.util.Dom.getY("pageContentDiv") - 28; // 10px from mainFrame, 9px from image, 2px from mainFrameContent, 5px from innerFrameContent, plus 2px to prevent scrollbar h = h - 17; var currHeight = getEl("pageContentDiv").offsetHeight; if (currHeight < h) // less than getEl("pageContentDiv").style.height = h + "px"; } catch(e) {assert(false)} } onresizeFunctions.push(resizeBody); YAHOO.util.Event.onDOMReady(function() { window.setTimeout(doOnloadFunctions, 100); }); YAHOO.util.Event.addListener(window, "unload", doOnunloadFunctions); </script><div class="application-page mainPadding"><table cellpadding="0" cellspacing="0" class="mainFrame" id="mainFrame" width="100%"><tr><td class="mainFrameTl noprint"><img class="block" src="version/3.8.0.347a/style/images/main_frame_tl.gif"/></td><td class="mainFrameTopBottom"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td><td class="mainFrameTr noprint"><img class="block" src="version/3.8.0.347a/style/images/main_frame_tr.gif"/></td></tr><tr><td class="mainFrameLeftRight noprint"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td><td class="mainFrameContent"><table cellpadding="0" cellspacing="0" class="noprint"><tr><td><a border="0" href="https://demandware.helpstream.biz/SupportPortal.jsp"><img class="bannerLogo block" height="60" src="https://xchange.demandware.com/servlet/CompanyImage/1fdca759b11ac2b8e2a0ee1bf91e5bc4"/></a></td><td style="height:60px; vertical-align:middle"><div class="bannerName" id="bannerName">Community Portal</div></td><td style="height:60px"/></tr></table><table cellpadding="0" cellspacing="0" id="loginBannerBar" width="100%"><tr><td class="loginBannerLeft noprint"/><td align="right" class="loginBannerMiddle noprint"><img class="block" src="version/3.8.0.347a/style/images/login_banner_right.gif?color=5781AE"/></td></tr></table></td><td class="mainFrameLeftRight noprint"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td></tr><tr><td class="mainFrameLeftRight"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td><td class="mainFrameContent"><div class="innerFrameContent" id="innerFrameContent"><div id="pageContentDiv"> <script language="JavaScript"> var PageGlobal = { changeLocale: function(selectObj) { var option = selectObj.options[selectObj.selectedIndex]; document.cookie = "locale=" + option.value; // save the current user if (getEl("username").value) { document.cookie = "AmbientUserID=" + escape(getEl("username").value); } Util.reloadPage(); }, pageLoad: function() { var isInstance = ("true" == "true"); var showPortalJoin = ("true" == "true"); var portalSiteName = "\u0043\u006f\u006d\u006d\u0075\u006e\u0069\u0074\u0079\u0020\u0050\u006f\u0072\u0074\u0061\u006c"; var isPortalLogin = ("false" == "true"); var debug = ""; if (debug != "") document.cookie = "DEBUG_ON=true"; var logging = ""; Logging.initLogging(logging); var loginBtn = new Button({ id:"loginBtn", label: Msgs.get("LOG_IN_BUTTON", "Log In"), style: "button3", paddingTop : 0, labelPadding: "0px 12px", onclick: { fn: function() { PageGlobal.doLogin("ApplicationLogin") } } }); loginBtn.Build(getEl("loginButtonDiv")); getEl("loginButtonDiv").button = loginBtn; // set the cookie for the locale - this way if they login from here, it will update the language from the cookie. // If a user switches browsers, or uses a different URL to get to the same instance, the cookies // won't be shared - and without this they might see a different language after logging in, based on the database value document.cookie = "locale=en_US"; if (getEl("joinDiv")) { var html = ""; if (isInstance) { var joinWorkspaceUrl = "JoinWorkspace.jsp"; if (showPortalJoin) html += "<table width='100%'><tr><td class=loginText>" + (isInstance ? Msgs.get("REQUEST_JOIN_SITENAME", "Request to join {0}", [portalSiteName]) : Msgs.get("MY_ORG_USING_HELPSTREAM", "My organization is already using Helpstream")) + "</td><td align=right id=joinBtn></td></tr></table>"; } else { var joinWorkspaceUrl = "JoinExisting.jsp"; html += "<table width='100%'><tr><td class=loginText>" + Msgs.get("MY_ORG_USING_HELPSTREAM", "My organization is already using Helpstream") + "</td><td align=right id=joinBtn></td></tr></table>"; html += "<table width='100%'><tr><td class=loginText>" + Msgs.get("FIRST_ORG_USE_HELPSTREAM", "I'm the first in my organization to use Helpstream") + "</td><td align=right id=signUpBtn></td></tr></table>"; } getEl("joinDiv").innerHTML = html; if (getEl("joinBtn")) { var joinBtn = new Button({ id:"joinBtn", label: Msgs.get("GET_LOGIN_BTN", "Get a login now"), style: "button", preSpacerWidth: 0, paddingTop: 0, onclick: { fn: function() {document.location = joinWorkspaceUrl} } }); joinBtn.Build(getEl("joinBtn")); } if (getEl("signUpBtn")) { var signUpBtn = new Button({ id:"signUpBtn", label: Msgs.get("SIGN_UP_PATHWORKS_BTN", "Sign up for Helpstream"), style: "button", preSpacerWidth: 0, paddingTop: 0, onclick: { fn: function() {document.location = "SignUp.jsp"} } }); signUpBtn.Build(getEl("signUpBtn")); } } // set error messages var invalid = ""; if (getEl("loginHelpDiv")) getEl("loginHelpDiv").innerHTML = getHelpContextLink("LOGIN"); PageGlobal.showMessage(invalid); // test supported browser, but warn once only try { var ver = Number(Global.browserVersion); if (!isNaN(ver) && !((Global.IsInternetExplorer && ver >= 6.0) || (Global.IsFirefox && ver >= 2.0) || (Global.IsSafari && ver >= 3.0) || Global.IsChrome)) { var prevUnsuppBrowser = Cookie.GetCookie("UNSUPPORTED_BROWSER"); if (prevUnsuppBrowser == null || prevUnsuppBrowser == "" || prevUnsuppBrowser != navigator.userAgent) { Util.alertMessage(Msgs.get("UNSUPPORTED_BROWSER", "Warning: The browser you are using is not officially supported. We recommend using one of the following supported browsers:") + "\n\n - " + Msgs.get("SUPPORTED_BROWSER_IE", "Internet Explorer 6 and up") + "\n - " + Msgs.get("SUPPORTED_BROWSER_FIREFOX", "Firefox 2.0 and up") + "\n - " + Msgs.get("SUPPORTED_BROWSER_SAFARI", "Safari 3.0 and up") + "\n\n" + Msgs.get("UNSUPPORTED_BROWSER_INSTR", "You may continue to login with your current browser but may experience page layout issues.")); Cookie.SetCookie("UNSUPPORTED_BROWSER", navigator.userAgent); } } } catch(e) {} if (Global.IsSmallScreen) { getEl("loginArea").style.marginTop = "2px"; for (var elem in {box1: null, box2: null, box3: null}) { if (getEl(elem)) getEl(elem).style.paddingTop = "3px"; } } // show special messages portalLogin depending on destination URL if (isPortalLogin) { PageGlobal.showSpecialInstructions(); } // show center content var centerContent = getEl("centerContent"); var loginBannerBar = getEl("loginBannerBar"); if (loginBannerBar == null) { centerContent.style.visibility = ""; getEl("pageContentDiv").style.width = "auto"; } else { var elemsHash = {boxTitleTl_1: "boxTitleRedTl", boxTitleTop_1: "boxTitleRedTop", boxTitleTr_1: "boxTitleRedTr", boxTitleTl_2: "boxTitleRedTl", boxTitleTop_2: "boxTitleRedTop", boxTitleTr_2: "boxTitleRedTr"}; for (var elem in elemsHash) { if (getEl(elem)) getEl(elem).className = elemsHash[elem]; } centerContent.style.position = "absolute"; centerContent.style.zIndex = 6; var hackOffset = (Global.IsInternetExplorer ? -2 : 0); centerContent.style.top = (YAHOO.util.Dom.getY(loginBannerBar) + hackOffset + loginBannerBar.offsetHeight - 10) + "px"; // 10px is the overlap of boxes over login bar PageGlobal.pageResize(); centerContent.style.visibility = ""; onresizeFunctions.push(PageGlobal.pageResize); } try { if (getEl("username")) { if (getEl("username").value != "") getEl("password").focus(); else getEl("username").focus(); } } catch(e) {} }, showMessage: function(invalid) { if (invalid == "") return; var msgArea = getEl("messageArea"); var anim = false; var sectionDiv = getEl("messageAreaSectionDiv"); if (sectionDiv == null) { var section = new Section("", {style: "link", isCollapsable: false}); sectionDiv = section.Build(msgArea); sectionDiv.id = "messageAreaSectionDiv"; anim = true; } // check invalid login var msg = ""; switch (invalid) { case "1176": msg = Msgs.get("LOGIN_PASSWORD_FAILED", "The login and password do not match an account in the system."); break; case "1027": msg = Msgs.get("LOGIN_UNLICENSED_USER", "The user does not have a license to use the system."); break; case "1034": msg = Msgs.get("ERROR_NO_GUEST_ACCOUNT", "A guest user must exist to enable public access mode."); break; case "1120": msg = Msgs.get("ERROR_GUEST_REQUIRES_ENTERPRISE", "Public access requires a Public Access license."); break; case "1191": msg = Msgs.get("ERROR_SESSION_EXPIRED", "Your session has expired."); break; case "1295" : msg = Msgs.get("ERROR_NO_SUCH_GOOGLE_USER", "The Google account '{0}' is not associated with a Helpstream user. To link your account to Helpstream, log in using your Helpstream credentials first, and click into your profile.", [""]); break; case "1299" : msg = Msgs.get("ERROR_NO_SUCH_SALESFORCE_USER", "The Salesforce.com account '{0}' is not associated with a Helpstream user. To link your account to Helpstream, log in using your Helpstream credentials first, and click into your profile.", [""]); break; case "1306" : msg = Msgs.get("ERROR_NO_SUCH_ORACLE_USER", "The Oracle CRM On-Demand account '{0}' is not associated with a Helpstream user. To link your account to Helpstream, log in using your Helpstream credentials first, and click into your profile.", [""]); break; default : msg = invalid; } sectionDiv.innerHTML = "<span class=invalidLogin>" + msg + "</span>"; if (anim) { var anim = new YAHOO.util.Anim("messageArea", {height: {from: 0, to: Util.getAutoHeight(getEl("messageArea"))}}, 0.5); anim.animate(); anim.onComplete.subscribe(function() {getEl("messageArea").style.height = "auto"}); } else { var anim = new YAHOO.util.ColorAnim(sectionDiv, {backgroundColor: { from: '#ff0000', to: '#ffffff' } }, 0.5); anim.animate(); } }, showSpecialInstructions: function() { var gotoUrl = "\u0068\u0074\u0074\u0070\u0073\u003a\u002f\u002f\u0078\u0063\u0068\u0061\u006e\u0067\u0065\u002e\u0064\u0065\u006d\u0061\u006e\u0064\u0077\u0061\u0072\u0065\u002e\u0063\u006f\u006d\u002f"; var msg = Msgs.get("CURRENTLY_GUEST_ACCESS", "You currently have guest access."); var title = null; var helpContext = null; if (gotoUrl.indexOf("/NewCase.jsp") != -1) { title = Msgs.get("NEW_CASE_TITLE", "New Case"); helpContext = "NEW_TICKET_GUEST"; msg += " <b>" + Msgs.get("LOGIN_SUBMIT_CASE", "Please login to submit a case") + "</b>"; var emailFrom = "suptest@demandware.com"; if (emailFrom != "") msg += " " + Msgs.get("OR_SUBMIT_CASE_TO_EMAIL_HTML", "OR email case details to <a class=underline href='{0}'><b>{1}</b></a>", ["mailto:" + emailFrom, emailFrom]); msg += "."; // right links RightLinks.Build({divId: "pageRightActions", divIdToHideIfEmpty: "pageRightActionsArea", links: ["Browse"]}); } else if (gotoUrl.indexOf("/NewTopic.jsp") != -1) { if (gotoUrl.indexOf("..
GET /version/ HTTP/1.1 Referer: https://xchange.demandware.com/version/3.8.0.347a/style/print.css User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: xchange.demandware.com Cookie: JSESSIONID=1800BBEC31CAB2F8C5C1F280F1088F88 Accept-Encoding: gzip, deflate Connection: Keep-Alive
Response
HTTP/1.0 500 Internal Server Error Date: Fri, 29 Apr 2011 11:32:00 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1872 Connection: close
<html><head><title>Apache Tomcat/5.5.16 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 500 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Exception report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>The server encountered an internal error () that prevented it from fulfilling this request.</u></p><p><b>exception</b> <pre>java.lang.StringIndexOutOfBoundsException: String index out of range: -1 java.lang.String.substring(Unknown Source) com.pathworkssoftware.servlet.VersionedFileServlet.doGet(VersionedFileServlet.java:50) javax.servlet.http.HttpServlet.service(HttpServlet.java:689) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) com.pathworkssoftware.servlet.InstanceServlet.doGet(InstanceServlet.java:126) javax.servlet.http.HttpServlet.service(HttpServlet.java:689) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) com.pathworkssoftware.filter.URLRewriteFilter.doFilter(URLRewriteFilter.java:83) com.pathworkssoftware.filter.ReconstituteHttpSessionFilter.doFilter(ReconstituteHttpSessionFilter.java:111)</pre></p><p><b>note</b> <u>The full stack trace of the root cause is available in the Apache Tomcat/5.5.16 logs.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/5.5.16</h3></body></html>
Netsparker found e-mail addresses on the web site.
Impact
E-mail addresses discovered within the application can be used by both spam email engines and also brute force tools. Furthermore valid email addresses may lead to social engineering attacks .
Remedy
Use generic email addresses such as contact@ or info@ for general communications, remove user/people specific e-mail addresses from the web site, should this be required use submission forms for this purpose.
GET /Login.jsp?goto=https%3A%2F%2Fxchange.demandware.com%2F HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: xchange.demandware.com Accept-Encoding: gzip, deflate Connection: Keep-Alive
Response
HTTP/1.0 200 OK Date: Fri, 29 Apr 2011 11:31:51 GMT P3P: CP="ALL DSP COR CUR ADMi TAI PSA IVA HIS OUR IND STA" Set-Cookie: JSESSIONID=661E040FBA5CA4C37211B005541BF72E; Path=/; Secure Content-Type: text/html;charset=UTF-8 Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><title>Log In</title><META HTTP-EQUIV="pragma" CONTENT="no-cache"><META HTTP-EQUIV="cache-control" CONTENT="no-cache"><META HTTP-EQUIV="expires" CONTENT="0"><META HTTP-EQUIV="X-UA-Compatible" CONTENT="IE=EmulateIE7" /><link rel="SHORTCUT ICON" href="favicon.ico"><link rel="stylesheet" href="style/brandedCSS.css/key%3D1281721419192%26bannerColor%3D5781AE%26titleColor%3D0E0101%26baseFontFamily%3DCalibri%26baseFontSize%3D15px%26linkColor%3D3366CC.css"><link rel="stylesheet" media="print" href="version/3.8.0.347a/style/print.css" /><link rel="stylesheet" type="text/css" media="screen, projection" href="version/3.8.0.347a/style/integration.css" /><!--[if lte IE 6]><link rel="stylesheet" type="text/css" href="style/ie6.css" media="screen, projection" /><![endif]--><!--[if lte IE 7]><link rel="stylesheet" type="text/css" href="style/ie.css" media="screen, projection" /><![endif]--><script>function getProductNameString() {return "Helpstream"}function getProductVersionString() {return "3.8.0 Build 347"}function getProductCopyrightString() {return"© 2007\u002d2009 Helpstream\u002c Inc\u002e All Rights Reserved"}function getProductBuildDate() {return "2010/03/11 11:08"}</script><script type="text/javascript">(function() {var sa = null;var fn = function(msg) {if (msg == null || (msg == "" && sa == null)) return;if (sa == null) { try { sa = new StatusArea("", {id:"PODMessage", reserveArea:false, permanent:true}); var div = createEl("div"); document.body.insertBefore(div, document.body.firstChild); sa.Build(div); } catch (e) {return;}}if (msg != sa.text) {if (msg != "") { sa.Show(msg);} else { sa.Hide(); sa.text = "";}}}}).call(window);</script></head> <script src="version/3.8.0.347a/js/prototype.js"></script><script src="version/3.8.0.347a/js/ClientMessages.js/en_US/1281721418688"></script><script src="version/3.8.0.347a/js/Core.js"></script><script src="version/3.8.0.347a/js/Enumerations.js/1300356906030"></script><script src="version/3.8.0.347a/js/lang/calendar-en.js"></script> <body class="main mainDots" style="visibility:hidden"><script> var navMode = "PORTAL"; var imageColor = "5781AE"; var highlightColor = "FF0000"; var onloadFunctions = []; var onunloadFunctions = []; var onresizeFunctions = []; var onloadRetry = 0; if (typeof(Static) != "undefined") Static.location = "version/3.8.0.347a/"; if (typeof(Version) != "undefined") Version.location = "version/3.8.0.347a/"; if (typeof(HelpContext) != "undefined") HelpContext.location = "https://xchange.demandware.com/SupportPortal.jsp?search=${searchTerms}"; function doOnloadFunctions() { try { // make sure that Core javascript has been loaded first if (typeof("CoreJS") == "undefined" || !("loaded" in CoreJS) || !CoreJS.loaded) { if (++onloadRetry == 10) { document.location.reload(false); return; } window.setTimeout(doOnloadFunctions, 100); return; } document.body.style.visibility = ""; for (var f in onloadFunctions) { if(!onloadFunctions.hasOwnProperty(f)) continue; onloadFunctions[f].call(window); } callResizeWrapper(); YAHOO.util.Event.addListener(window, "resize", callResizeWrapper); pageComplete(); } catch (err) { Util.processError(err); } } function doOnunloadFunctions() { for (var f in onunloadFunctions) { if(!onunloadFunctions.hasOwnProperty(f)) continue; onunloadFunctions[f].call(window); } } function doOnresizeFunctions() { for (var f in onresizeFunctions) { if(!onresizeFunctions.hasOwnProperty(f)) continue; onresizeFunctions[f].call(window); } } function callResizeWrapper() { ResizeWrapper.OnResize(doOnresizeFunctions) } function resizeBody() { try { var h = YAHOO.util.Dom.getViewportHeight() - YAHOO.util.Dom.getY("pageContentDiv") - 28; // 10px from mainFrame, 9px from image, 2px from mainFrameContent, 5px from innerFrameContent, plus 2px to prevent scrollbar h = h - 17; var currHeight = getEl("pageContentDiv").offsetHeight; if (currHeight < h) // less than getEl("pageContentDiv").style.height = h + "px"; } catch(e) {assert(false)} } onresizeFunctions.push(resizeBody); YAHOO.util.Event.onDOMReady(function() { window.setTimeout(doOnloadFunctions, 100); }); YAHOO.util.Event.addListener(window, "unload", doOnunloadFunctions); </script><div class="application-page mainPadding"><table cellpadding="0" cellspacing="0" class="mainFrame" id="mainFrame" width="100%"><tr><td class="mainFrameTl noprint"><img class="block" src="version/3.8.0.347a/style/images/main_frame_tl.gif"/></td><td class="mainFrameTopBottom"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td><td class="mainFrameTr noprint"><img class="block" src="version/3.8.0.347a/style/images/main_frame_tr.gif"/></td></tr><tr><td class="mainFrameLeftRight noprint"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td><td class="mainFrameContent"><table cellpadding="0" cellspacing="0" class="noprint"><tr><td><a border="0" href="https://demandware.helpstream.biz/SupportPortal.jsp"><img class="bannerLogo block" height="60" src="https://xchange.demandware.com/servlet/CompanyImage/1fdca759b11ac2b8e2a0ee1bf91e5bc4"/></a></td><td style="height:60px; vertical-align:middle"><div class="bannerName" id="bannerName">Community Portal</div></td><td style="height:60px"/></tr></table><table cellpadding="0" cellspacing="0" id="loginBannerBar" width="100%"><tr><td class="loginBannerLeft noprint"/><td align="right" class="loginBannerMiddle noprint"><img class="block" src="version/3.8.0.347a/style/images/login_banner_right.gif?color=5781AE"/></td></tr></table></td><td class="mainFrameLeftRight noprint"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td></tr><tr><td class="mainFrameLeftRight"><img class="block" src="version/3.8.0.347a/images/spacer.gif"/></td><td class="mainFrameContent"><div class="innerFrameContent" id="innerFrameContent"><div id="pageContentDiv"> <script language="JavaScript"> var PageGlobal = { changeLocale: function(selectObj) { var option = selectObj.options[selectObj.selectedIndex]; document.cookie = "locale=" + option.value; // save the current user if (getEl("username").value) { document.cookie = "AmbientUserID=" + escape(getEl("username").value); } Util.reloadPage(); }, pageLoad: function() { var isInstance = ("true" == "true"); var showPortalJoin = ("true" == "true"); var portalSiteName = "\u0043\u006f\u006d\u006d\u0075\u006e\u0069\u0074\u0079\u0020\u0050\u006f\u0072\u0074\u0061\u006c"; var isPortalLogin = ("false" == "true"); var debug = ""; if (debug != "") document.cookie = "DEBUG_ON=true"; var logging = ""; Logging.initLogging(logging); var loginBtn = new Button({ id:"loginBtn", label: Msgs.get("LOG_IN_BUTTON", "Log In"), style: "button3", paddingTop : 0, labelPadding: "0px 12px", onclick: { fn: function() { PageGlobal.doLogin("ApplicationLogin") } } }); loginBtn.Build(getEl("loginButtonDiv")); getEl("loginButtonDiv").button = loginBtn; // set the cookie for the locale - this way if they login from here, it will update the language from the cookie. // If a user switches browsers, or uses a different URL to get to the same instance, the cookies // won't be shared - and without this they might see a different language after logging in, based on the database value document.cookie = "locale=en_US"; if (getEl("joinDiv")) { var html = ""; if (isInstance) { var joinWorkspaceUrl = "JoinWorkspace.jsp"; if (showPortalJoin) html += "<table width='100%'><tr><td class=loginText>" + (isInstance ? Msgs.get("REQUEST_JOIN_SITENAME", "Request to join {0}", [portalSiteName]) : Msgs.get("MY_ORG_USING_HELPSTREAM", "My organization is already using Helpstream")) + "</td><td align=right id=joinBtn></td></tr></table>"; } else { var joinWorkspaceUrl = "JoinExisting.jsp"; html += "<table width='100%'><tr><td class=loginText>" + Msgs.get("MY_ORG_USING_HELPSTREAM", "My organization is already using Helpstream") + "</td><td align=right id=joinBtn></td></tr></table>"; html += "<table width='100%'><tr><td class=loginText>" + Msgs.get("FIRST_ORG_USE_HELPSTREAM", "I'm the first in my organization to use Helpstream") + "</td><td align=right id=signUpBtn></td></tr></table>"; } getEl("joinDiv").innerHTML = html; if (getEl("joinBtn")) { var joinBtn = new Button({ id:"joinBtn", label: Msgs.get("GET_LOGIN_BTN", "Get a login now"), style: "button", preSpacerWidth: 0, paddingTop: 0, onclick: { fn: function() {document.location = joinWorkspaceUrl} } }); joinBtn.Build(getEl("joinBtn")); } if (getEl("signUpBtn")) { var signUpBtn = new Button({ id:"signUpBtn", label: Msgs.get("SIGN_UP_PATHWORKS_BTN", "Sign up for Helpstream"), style: "button", preSpacerWidth: 0, paddingTop: 0, onclick: { fn: function() {document.location = "SignUp.jsp"} } }); signUpBtn.Build(getEl("signUpBtn")); } } // set error messages var invalid = ""; if (getEl("loginHelpDiv")) getEl("loginHelpDiv").innerHTML = getHelpContextLink("LOGIN"); PageGlobal.showMessage(invalid); // test supported browser, but warn once only try { var ver = Number(Global.browserVersion); if (!isNaN(ver) && !((Global.IsInternetExplorer && ver >= 6.0) || (Global.IsFirefox && ver >= 2.0) || (Global.IsSafari && ver >= 3.0) || Global.IsChrome)) { var prevUnsuppBrowser = Cookie.GetCookie("UNSUPPORTED_BROWSER"); if (prevUnsuppBrowser == null || prevUnsuppBrowser == "" || prevUnsuppBrowser != navigator.userAgent) { Util.alertMessage(Msgs.get("UNSUPPORTED_BROWSER", "Warning: The browser you are using is not officially supported. We recommend using one of the following supported browsers:") + "\n\n - " + Msgs.get("SUPPORTED_BROWSER_IE", "Internet Explorer 6 and up") + "\n - " + Msgs.get("SUPPORTED_BROWSER_FIREFOX", "Firefox 2.0 and up") + "\n - " + Msgs.get("SUPPORTED_BROWSER_SAFARI", "Safari 3.0 and up") + "\n\n" + Msgs.get("UNSUPPORTED_BROWSER_INSTR", "You may continue to login with your current browser but may experience page layout issues.")); Cookie.SetCookie("UNSUPPORTED_BROWSER", navigator.userAgent); } } } catch(e) {} if (Global.IsSmallScreen) { getEl("loginArea").style.marginTop = "2px"; for (var elem in {box1: null, box2: null, box3: null}) { if (getEl(elem)) getEl(elem).style.paddingTop = "3px"; } } // show special messages portalLogin depending on destination URL if (isPortalLogin) { PageGlobal.showSpecialInstructions(); } // show center content var centerContent = getEl("centerContent"); var loginBannerBar = getEl("loginBannerBar"); if (loginBannerBar == null) { centerContent.style.visibility = ""; getEl("pageContentDiv").style.width = "auto"; } else { var elemsHash = {boxTitleTl_1: "boxTitleRedTl", boxTitleTop_1: "boxTitleRedTop", boxTitleTr_1: "boxTitleRedTr", boxTitleTl_2: "boxTitleRedTl", boxTitleTop_2: "boxTitleRedTop", boxTitleTr_2: "boxTitleRedTr"}; for (var elem in elemsHash) { if (getEl(elem)) getEl(elem).className = elemsHash[elem]; } centerContent.style.position = "absolute"; centerContent.style.zIndex = 6; var hackOffset = (Global.IsInternetExplorer ? -2 : 0); centerContent.style.top = (YAHOO.util.Dom.getY(loginBannerBar) + hackOffset + loginBannerBar.offsetHeight - 10) + "px"; // 10px is the overlap of boxes over login bar PageGlobal.pageResize(); centerContent.style.visibility = ""; onresizeFunctions.push(PageGlobal.pageResize); } try { if (getEl("username")) { if (getEl("username").value != "") getEl("password").focus(); else getEl("username").focus(); } } catch(e) {} }, showMessage: function(invalid) { if (invalid == "") return; var msgArea = getEl("messageArea"); var anim = false; var sectionDiv = getEl("messageAreaSectionDiv"); if (sectionDiv == null) { var section = new Section("", {style: "link", isCollapsable: false}); sectionDiv = section.Build(msgArea); sectionDiv.id = "messageAreaSectionDiv"; anim = true; } // check invalid login var msg = ""; switch (invalid) { case "1176": msg = Msgs.get("LOGIN_PASSWORD_FAILED", "The login and password do not match an account in the system."); break; case "1027": msg = Msgs.get("LOGIN_UNLICENSED_USER", "The user does not have a license to use the system."); break; case "1034": msg = Msgs.get("ERROR_NO_GUEST_ACCOUNT", "A guest user must exist to enable public access mode."); break; case "1120": msg = Msgs.get("ERROR_GUEST_REQUIRES_ENTERPRISE", "Public access requires a Public Access license."); break; case "1191": msg = Msgs.get("ERROR_SESSION_EXPIRED", "Your session has expired."); break; case "1295" : msg = Msgs.get("ERROR_NO_SUCH_GOOGLE_USER", "The Google account '{0}' is not associated with a Helpstream user. To link your account to Helpstream, log in using your Helpstream credentials first, and click into your profile.", [""]); break; case "1299" : msg = Msgs.get("ERROR_NO_SUCH_SALESFORCE_USER", "The Salesforce.com account '{0}' is not associated with a Helpstream user. To link your account to Helpstream, log in using your Helpstream credentials first, and click into your profile.", [""]); break; case "1306" : msg = Msgs.get("ERROR_NO_SUCH_ORACLE_USER", "The Oracle CRM On-Demand account '{0}' is not associated with a Helpstream user. To link your account to Helpstream, log in using your Helpstream credentials first, and click into your profile.", [""]); break; default : msg = invalid; } sectionDiv.innerHTML = "<span class=invalidLogin>" + msg + "</span>"; if (anim) { var anim = new YAHOO.util.Anim("messageArea", {height: {from: 0, to: Util.getAutoHeight(getEl("messageArea"))}}, 0.5); anim.animate(); anim.onComplete.subscribe(function() {getEl("messageArea").style.height = "auto"}); } else { var anim = new YAHOO.util.ColorAnim(sectionDiv, {backgroundColor: { from: '#ff0000', to: '#ffffff' } }, 0.5); anim.animate(); } }, showSpecialInstructions: function() { var gotoUrl = "\u0068\u0074\u0074\u0070\u0073\u003a\u002f\u002f\u0078\u0063\u0068\u0061\u006e\u0067\u0065\u002e\u0064\u0065\u006d\u0061\u006e\u0064\u0077\u0061\u0072\u0065\u002e\u0063\u006f\u006d\u002f"; var msg = Msgs.get("CURRENTLY_GUEST_ACCESS", "You currently have guest access."); var title = null; var helpContext = null; if (gotoUrl.indexOf("/NewCase.jsp") != -1) { title = Msgs.get("NEW_CASE_TITLE", "New Case"); helpContext = "NEW_TICKET_GUEST"; msg += " <b>" + Msgs.get("LOGIN_SUBMIT_CASE", "Please login to submit a case") + "</b>"; var emailFrom = "suptest@demandware.com"; if (emailFrom != "") msg += " " + Msgs.get("OR_SUBMIT_CASE_TO_EMAIL_HTML", "OR email case details to <a class=underline href='{0}'><b>{1}</b></a>", ["mailto:" + emailFrom, emailFrom]); msg += "."; // right links RightLinks.Build({divId: "pageRightActions", divIdToHideIfEmpty: "pageRightActionsArea", links: ["Browse"]}); } else if (gotoUrl.indexOf("/NewTopic.jsp") != -1) { if (gotoUrl.indexOf("..
