watson0x90 · June 27, 2024 12:59
diff --git a/polyfill_io_page_source_check.bcheck b/polyfill_io_page_source_check.bcheck
 metadata:
  language: v1-beta
  name: "Page source includes reference to polyfill[.]io"
  description: "Locate polyfill[.]io issues."
  author: "@watson0x90"
  tags: "cdn", "javascript", "polyfill", "exposure"

 given response then
  if {latest.response} matches "(https?:\/\/)?([a-z0-9-]+\.)*polyfill\.io(\/.*)?" then
     report issue:
       severity: high
       confidence: tentative
       detail: "Locate polyfill[.]io in page source."
       remediation: "Update polyfill version to Cloudflare version: For minified: https://cdnjs.cloudflare.com/ajax/libs/polyfill/3.52.1/polyfill.min.js For unminified: https://cdnjs.cloudflare.com/ajax/libs/polyfill/3.52.1/polyfill.js"
  end if
	metadata:
	language: v1-beta
	name: "Page source includes reference to polyfill[.]io"
	description: "Locate polyfill[.]io issues."
	author: "@watson0x90"
	tags: "cdn", "javascript", "polyfill", "exposure"

	given response then
	if {latest.response} matches "(https?:\/\/)?([a-z0-9-]+\.)polyfill\.io(\/.)?" then
	report issue:
	severity: high
	confidence: tentative
	detail: "Locate polyfill[.]io in page source."
	remediation: "Update polyfill version to Cloudflare version: For minified: https://cdnjs.cloudflare.com/ajax/libs/polyfill/3.52.1/polyfill.min.js For unminified: https://cdnjs.cloudflare.com/ajax/libs/polyfill/3.52.1/polyfill.js"
	end if