Many Web sites such as MySpace, Facebook and Twitter allow their users to upload files.
However when a Web sites Content- Sniffing algorithm differs from a browsers Content-
Sniffing algorithm, an attacker can often mount a Content-Sniffing XSS attack on the
visitor. That is, by carefully embedding HTML code containing malicious script into a
non-HTML file and uploading this file to the Web site, an attacker can deceive the visitors
browser into assuming the file as HTML file and run the script code. However Content-
Sniffing XSS attack can be avoided if files uploaded on the server are checked for HTML
codes. In this paper we implemented a server-side ingress filter that aims to protect vulnerable
browsers which may treat non-HTML files as HTML files. Our filter examines
user-uploaded files against a set of potentially dangerous HTML elements (a set of regular
expressions). The results of our experiment show that our automata-based scheme is highly
efficient and more accurate than existing signature-based approach.
