I hereby claim:
- I am forced-request on github.
- I am forcedrequest (https://keybase.io/forcedrequest) on keybase.
- I have a public key whose fingerprint is 5717 2014 FCD3 25E9 0676 55D9 7995 BE99 3DC8 6C86
To claim this, I am signing this object:
class ApplicationController < ActionController::Base | |
protect_from_forgery | |
# Overload handle_unverified_request to ensure that | |
# exception is raised each time a request does not | |
# pass validation. | |
def handle_unverified_request | |
raise(ActionController::InvalidAuthenticityToken) | |
end | |
end |
class ApplicationController < ActionController::Base | |
protect_from_forgery with: :exception | |
end |
<html> | |
<head> | |
<title>Test</title> | |
<script src="jquery-1.11.1.min.js"></script> | |
<script> | |
$(document).ready(function () { | |
alert('hiii'); | |
}); | |
</script> | |
</head> |
I hereby claim:
To claim this, I am signing this object:
def create | |
user = Users.where(:username => params[:sessions][:username]).first | |
unless user.nil? | |
if user.password == compute | |
render :text => "Login Successfully" | |
else | |
render :text => NOT_EXISTS | |
end | |
else | |
render :text => NOT_EXISTS |
require 'lib/request' | |
puts "hi" |
def Attack | |
end |
wp = require("webpage").create(); | |
wp.onAlert = function(text) { | |
console.log("Alerted: " + text); | |
}; | |
wp.content = "<html><body>Hello: <iframe src='f' onerror='prompt(299792458)'></iframe><script>window.alert(\"Normal Func\")</script></body></html>"; | |
wp.evaluate(function (wp) { | |
}, wp); |
def show | |
render params[:template] | |
end |
def show | |
template = params[:id] | |
valid_templates = { | |
"dashboard" => "dashboard", | |
"profile" => "profile", | |
"deals" => "deals" | |
} | |
if valid_templates.include?(template) |