X-XSS-Protection sample report POST request
POST http://test.local/foo HTTP/1.1 | |
Host: test.local | |
Connection: keep-alive | |
Content-Length: 116 | |
Pragma: no-cache | |
Cache-Control: no-cache | |
Origin: http://test.local | |
X-FirePHP-Version: 0.0.6 | |
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.65 Safari/537.36 | |
Content-Type: application/json | |
Accept: */* | |
DNT: 1 | |
Referer: http://test.local/test.php?foo=%3Cscript%3Ealert(1);%3C/script%3E | |
Accept-Encoding: gzip, deflate | |
Accept-Language: cs,en-US;q=0.8,en;q=0.6 | |
{"xss-report":{"request-url":"http://test.local/test.php?foo=%3Cscript%3Ealert(1);%3C/script%3E","request-body":""}} |
POST http://test.local/foo HTTP/1.1 | |
Host: test.local | |
Connection: keep-alive | |
Content-Length: 123 | |
Pragma: no-cache | |
Cache-Control: no-cache | |
Origin: http://test.local | |
X-FirePHP-Version: 0.0.6 | |
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.65 Safari/537.36 | |
Content-Type: application/json | |
Accept: */* | |
DNT: 1 | |
Referer: http://test.local/test.php | |
Accept-Encoding: gzip, deflate | |
Accept-Language: cs,en-US;q=0.8,en;q=0.6 | |
{"xss-report":{"request-url":"http://test.local/test.php","request-body":"foo=%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E"}} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
Thanks dude!