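<!doctype html>
<!-- Demonstration of how a JavaScript redirect can be used as an XSS -->
<!-- For more detail see https://subfn.net -->
<!-- Authored by Charles H ("subfn") <chooper@plumata.com> -->
<!--
  Deliberately vulnerable demo page. goNext() assigns an attacker-controlled
  query parameter straight to window.location.href, so a "next" value that
  uses the javascript: scheme runs in this page's origin. The mitigation is
  intentionally NOT applied here so the demo keeps working: a safe version
  would resolve the value with new URL(next, window.location.href), allow
  only the "http:" / "https:" protocols, and (to also close the open
  redirect) require the resolved origin to match window.location.origin
  before navigating.
-->
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Testing JS redirect as XSS vector</title>
  <script>
    // Read the "next" query parameter and navigate to it.
    // Note: searchParams.get() already percent-decodes the value, so the
    // decodeURIComponent() below decodes it a second time. It is kept
    // because it is part of the original demo; for defenders the takeaway
    // is that any check performed on the raw parameter does not see the
    // value that is finally navigated to.
    function goNext() {
      const currentUrl = new URL(window.location.href);
      const nextUrl = currentUrl.searchParams.get("next");
      // Without a "next" parameter there is nowhere to go. The original
      // code passed null through decodeURIComponent() and navigated to the
      // relative path "null".
      if (nextUrl === null) {
        console.log("No next parameter given");
        return;
      }
      console.log("Redirecting to " + nextUrl);
      window.location.href = decodeURIComponent(nextUrl);
    }

    // Bind the handler with addEventListener rather than an inline onclick
    // attribute so the page can be served under a CSP without
    // 'unsafe-inline' for event handlers.
    document.addEventListener("DOMContentLoaded", function () {
      document.getElementById("go").addEventListener("click", goNext);
    });
  </script>
</head>
<body>
  <p>Try <a href="?next=javascript:alert('xss')">redirect-to-xss.html?next=javascript:alert('xss')</a> and click the button</p>
  <button type="button" id="go">Go</button>
</body>
</html>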