Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
<!DOCTYPE html>
<!-- Demonstration of how a JavaScript redirect can be used as an XSS -->
<!-- For more more detail see -->
<!-- Authored by Charles H ("subfn") <> -->
<title>Testing JS redirect as XSS vector</title>
function goNext() {
current_url = new URL(window.location.href);
next_url = current_url.searchParams.get("next");
console.log("Redirecting to " + next_url);
window.location.href = decodeURIComponent(next_url);
<p>Try <a href="?next=javascript:alert('xss')">redirect-to-xss.html?next=javascript:alert('xss')</a> and click the button</p>
<button onClick="goNext();">Go</button>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment