Government Security
Network Security Resources

Uri Scheme

2 replies to this topic

#1 Juza



  • Sergeant Major
  • 149 posts

Posted 17 October 2010 - 10:14 AM

In this post I will cover one of the coolest features that modern browsers support nowadays, which is URI schemes. There are a lot of schemes out there: browser custom schemes (about:something), protocol schemes (, and of course data schemes.

In this post I will only talk about data schemes.

Data schemes are organized like this:

data:{type of the data};{encode},{data}

In the type of data you can use various types of data such as:
application/javascript (text/javascript was deprecated)

These types are defined in Internet media types.

It's time to make some magic.
Put this in your browser:


You should see an image now!
OK, this is the thing: the simple fact that you can store data in only a web page.

Now, the question is how we can make this feature useful for us?! JavaScript/HTML injections!

So let's test something, put this on your browser:



Now let's make this even more fun! Let's encode javascript to make this less

Javascript Encoded + base64


These things can be done with all content types available, so be creative.

Hope you have learned something!

These sites could be useful for you for further research:

Base64 online encoder - /
XSS - /
Internet media types - /
Data URI Scheme - /
URI Scheme - /

The true beginning of our end.
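
Added example, not part of Juza's post: a Node.js sketch that parses the data:{type of the data};{encode},{data} layout described above and flags media types a browser would render or execute, which is the check a filter for user-supplied links needs. The function names and the ACTIVE_TYPES list are assumptions made for this example.

```javascript
// Added example: parse data: URIs (RFC 2397) and flag script-capable media types.
// Function names and ACTIVE_TYPES are assumptions made for this sketch.
const ACTIVE_TYPES = new Set([
  'text/html', 'application/xhtml+xml', 'image/svg+xml',
  'application/javascript', 'text/javascript', 'text/xml', 'application/xml',
]);

function parseDataUri(input) {
  // Browsers drop tab/newline characters and leading whitespace in URLs.
  const uri = String(input).replace(/[\t\r\n]/g, '').trim();
  if (!/^data:/i.test(uri)) return null;
  const comma = uri.indexOf(',');
  if (comma === -1) return { malformed: true };
  const header = uri.slice(5, comma).split(';').map((s) => s.trim().toLowerCase());
  const base64 = header.length > 1 && header[header.length - 1] === 'base64';
  // RFC 2397: an omitted media type defaults to text/plain.
  const mediaType = header[0].includes('/') ? header[0] : 'text/plain';
  let payload;
  try {
    payload = decodeURIComponent(uri.slice(comma + 1));
  } catch (e) {
    return { malformed: true }; // invalid percent-encoding
  }
  if (base64) {
    if (!/^[A-Za-z0-9+\/]*={0,2}$/.test(payload)) return { malformed: true };
    payload = Buffer.from(payload, 'base64').toString('utf8');
  }
  return { malformed: false, mediaType, base64, payload };
}

function classify(input) {
  const parsed = parseDataUri(input);
  if (parsed === null) return 'not-data-uri';
  if (parsed.malformed) return 'malformed';
  return ACTIVE_TYPES.has(parsed.mediaType) ? 'active' : 'passive';
}

// Constructed samples, not taken from the post.
const samples = [
  'data:text/plain,hello%20world',
  'data:text/html;base64,PGI+aGk8L2I+',
  ' DATA:image/svg+xml,%3Csvg%2F%3E',
  'data:text/html;base64,@@@',
  'https://example.com/',
];
for (const s of samples) console.log(classify(s).padEnd(13), JSON.stringify(s));
```

A filter built on this should reject the "active" and "malformed" results and compare the media type only after lowercasing and stripping, as the parser does, since the scheme and type are case-insensitive.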

#2 bonarez


    Retired GSO Second Lieutenant

  • Sergeant Major
  • 1,252 posts

Posted 17 October 2010 - 11:12 AM

This is actually pretty cool B)

Reminds me of a cross protocol scripting talk I saw recently. These two could be combined in some ways I think.
"Ask the right question and you will receive the right answer. I'm just very sensitive about the right syntax"

Read the rules before you post

#3 Edu


    First Sergeant

  • Members
  • 2,272 posts

Posted 19 October 2010 - 01:31 PM

Interesting stuff.

Talking of the "about:" URL protocol... Programs that host the IE control to parse content contain an issue within this protocol, a kind of HTML injection:

<iframe src="about:<html><script>alert(1)</script></html>"></iframe>

IExplore.exe itself is not vulnerable to this. - Secumania security blog.

