Created
March 14, 2019 01:54
-
-
Save reinforchu/6bd7397bf903ec890616ae6b300ef140 to your computer and use it in GitHub Desktop.
Possibility of DOM based XSS attack by Pseudo-elements from CSS Injection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<html> | |
<head> | |
<meta charset="utf-8"> | |
<style> | |
h3:after { | |
content: 'red'; | |
color: red; | |
} | |
h4:after { | |
content: 'blue'; | |
color: blue; | |
} | |
body { background-color: <?php if(!empty($_GET['color'])) { echo $_GET['color']; } else { echo 'white'; } ?>; } | |
</style> | |
</head> | |
<body> | |
<h2>Click color name</h2> | |
<h3 onclick="message(event);"></h3> | |
<h4 onclick="message(event);"></h4> | |
<hr> | |
<script type="text/javascript"> | |
function message(e) { | |
var p = document.createElement("p"); | |
p.innerHTML = "Your clicked " + getComputedStyle(document.querySelector(e.target.tagName), ':after').getPropertyValue('content') + " !"; | |
document.body.appendChild(p); | |
} | |
</script> | |
</body> | |
</html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment