X-XSS-Protection sample report POST request
| POST http://test.local/foo HTTP/1.1 | |
| Host: test.local | |
| Connection: keep-alive | |
| Content-Length: 116 | |
| Pragma: no-cache | |
| Cache-Control: no-cache | |
| Origin: http://test.local | |
| X-FirePHP-Version: 0.0.6 | |
| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.65 Safari/537.36 | |
| Content-Type: application/json | |
| Accept: */* | |
| DNT: 1 | |
| Referer: http://test.local/test.php?foo=%3Cscript%3Ealert(1);%3C/script%3E | |
| Accept-Encoding: gzip, deflate | |
| Accept-Language: cs,en-US;q=0.8,en;q=0.6 | |
| {"xss-report":{"request-url":"http://test.local/test.php?foo=%3Cscript%3Ealert(1);%3C/script%3E","request-body":""}} |
| POST http://test.local/foo HTTP/1.1 | |
| Host: test.local | |
| Connection: keep-alive | |
| Content-Length: 123 | |
| Pragma: no-cache | |
| Cache-Control: no-cache | |
| Origin: http://test.local | |
| X-FirePHP-Version: 0.0.6 | |
| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.65 Safari/537.36 | |
| Content-Type: application/json | |
| Accept: */* | |
| DNT: 1 | |
| Referer: http://test.local/test.php | |
| Accept-Encoding: gzip, deflate | |
| Accept-Language: cs,en-US;q=0.8,en;q=0.6 | |
| {"xss-report":{"request-url":"http://test.local/test.php","request-body":"foo=%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E"}} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment