Possible IE XSS Attack Found when uploading - solution found
Posted: 03 Jan 2010, 20:35
I started uploading some new images (jpg's) into a new gallery and got stopped with the error message: "Possible IE XSS Attack found." at the top of the individual image upload panel and when trying it with java, it was shown in a message box.
Looking at the files and their IPCT information, I had downloaded the file from Smugmug and it had included some html in the IPTC information, just <i> and <b> tags, but it was enough to trigger this error message. The solution was to remove the html from the IPTC metadata about the image and it works fine.
I used thumbsplus to remove the IPTC information in bulk or could have used Photoshop/Browser to do it.
Maybe this post will help someone else who runs into the problem resolve the issue since where it comes from is fairly obscure.
Looking at the files and their IPCT information, I had downloaded the file from Smugmug and it had included some html in the IPTC information, just <i> and <b> tags, but it was enough to trigger this error message. The solution was to remove the html from the IPTC metadata about the image and it works fine.
I used thumbsplus to remove the IPTC information in bulk or could have used Photoshop/Browser to do it.
Maybe this post will help someone else who runs into the problem resolve the issue since where it comes from is fairly obscure.