<!DOCTYPE html>
<!-- Demonstration of how a JavaScript redirect can be used as an XSS -->
<!-- For more detail see https://subfn.net -->
<!-- Authored by Charles H ("subfn") <chooper@plumata.com> -->
<html>
<head>
<title>Testing JS redirect as XSS vector</title>
<script>
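function goNext() {
  // Deliberately vulnerable: the "next" query parameter is attacker-controlled
  // and is assigned to location.href with no scheme or origin check, so a
  // javascript: URL executes in this page's origin.
  const current_url = new URL(window.location.href);
  const next_url = current_url.searchParams.get("next");
  console.log("Redirecting to " + next_url);
  window.location.href = decodeURIComponent(next_url);
}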
</script>
</head>
<body>
<p>Try <a href="?next=javascript:alert('xss')">redirect-to-xss.html?next=javascript:alert('xss')</a> and click the button</p>
<button onClick="goNext();">Go</button>
</body>
</html>
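
A hardened counterpart to `goNext()` above, added here as an example and not part of the original gist: it parses `next` with the URL parser and only navigates to http(s) targets on the page's own origin. The names `safeRedirectTarget` and `FALLBACK`, and the host `app.example`, are assumptions made for the example.

```javascript
// Added example (not from the gist). FALLBACK and safeRedirectTarget are
// hypothetical names; adjust the fallback to a page that exists in your app.
const FALLBACK = "/";

// Returns an absolute same-origin http(s) URL for `next`, or FALLBACK.
function safeRedirectTarget(next, pageHref) {
  if (typeof next !== "string" || next === "") return FALLBACK;

  let target;
  try {
    // Parse exactly as the browser would: the URL parser strips leading
    // whitespace and embedded tabs/newlines, and resolves relative paths,
    // "//host" and "\\host" forms against the current page.
    target = new URL(next, pageHref);
  } catch {
    return FALLBACK;
  }

  // Scheme allowlist: rejects javascript:, data:, vbscript:, blob:, etc.
  if (target.protocol !== "http:" && target.protocol !== "https:") {
    return FALLBACK;
  }

  // Same-origin only, so the parameter cannot be used as an open redirect.
  if (target.origin !== new URL(pageHref).origin) return FALLBACK;

  // Return the normalized absolute URL. Returning only the path would let
  // "https://app.example//other.host/" turn into a protocol-relative URL.
  return target.href;
}

// Browser wiring, replacing the vulnerable goNext(). searchParams.get()
// already percent-decodes once, so there is no second decodeURIComponent().
function goNext() {
  const next = new URL(window.location.href).searchParams.get("next");
  window.location.assign(safeRedirectTarget(next, window.location.href));
}
```

`safeRedirectTarget` is a pure function, so it can be unit-tested outside the browser with the payload from the demo link.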