XSS through jQuery.html() example
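<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>XSS through jQuery.html() example</title>
  <!-- This CDN script is loaded without an integrity attribute. In real pages, pin it with SRI (integrity plus crossorigin) using the hash published for this exact file. -->
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
  <script>
    // Demo page: the same attacker-controlled value is placed into the document twice,
    // once through the DOM API and once through a markup string handed to jQuery.html().
    // Only the second path treats the value as markup.
    window.addEventListener('DOMContentLoaded', function() {
      // Assume hacked_string started off as something completely fine, but a third-party
      // script changed its value. It now starts with a double quote and a closing angle
      // bracket, followed by a script element.
      var hacked_string = "\"\>\<script\>alert(\"haxx0r3d\")\<\/script\>";

      // Safe path: the DOM API takes the value as data. setAttribute() stores the whole
      // string as the id of the new div; nothing in it is parsed as markup, so no script runs.
      var new_div = document.createElement('div');
      new_div.setAttribute('id', hacked_string);
      jQuery('#test_dom').get(0).appendChild(new_div);

      // Vulnerable path, kept on purpose because it is what this page demonstrates.
      // The value is concatenated into a markup string, so its leading quote ends the id
      // attribute, the bracket ends the div tag, and the remainder is parsed as a script
      // element that jQuery.html() inserts and runs.
      // In real code, never build markup from untrusted values: create the element and set
      // the value as data, e.g. jQuery('<div>').attr('id', value).text('content'), then append it.
      jQuery('#test_html').html('<div id="' + hacked_string + '">content</div>');
    });
  </script>
</head>
<body>
  <!-- Receives the div built with the DOM API (value kept as attribute data). -->
  <div id="test_dom">
  </div>
  <!-- Receives the string-built markup (value parsed as HTML). -->
  <div id="test_html">
  </div>
</body>
</html>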