Lukas Weichselbaum lweichselbaum
lweichselbaum
/ untrusted.html
Last active
June 14, 2023 09:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <title>Evil Site</title> | |
| </head> | |
| <body bgcolor="red"> | |
| <h2>Evil Site Demo</h2> | |
| <!-- deduct via XSRF --> |
lweichselbaum
/ fetch-metadata-XSSI-demo.html
Created
June 10, 2023 11:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <script src="https://secmetadata.appspot.com/api/xssi"> </script> | |
| <!-- alert() will reveal the secret if the current browser doesn't support Fetch Metadata request headers. --> | |
| <script>alert(secret)</script> |
lweichselbaum
/ FF_CSP_BUG.html
Last active
June 16, 2018 11:11
Firefox CSP Bug - Dynamically created script with correct nonce gets blocked because of redirect.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta http-equiv="Content-Security-Policy" content="script-src 'nonce-abcd1234'"> | |
| </head> | |
| <body> | |
| <script nonce='abcd1234'> | |
| var s = document.createElement('script'); | |
| s.setAttribute('nonce', 'abcd1234'); | |
| s.src = 'https://goo.gl/jEH8zk'; // redirects to jquery. |