月刊XSS 6月号です。 Referrer文字列によるXSS part2 http://masatokinugawa.l0.cm/2014/06/referrer-xss-part2.html …
-
-
Replying to @kinugawamasato
@kinugawamasato Nice! <meta name="referrer" content="always"> also used to work from file: if you didn't know :)1 reply 0 retweets 3 likes -
Replying to @avlidienbrunn
@kinugawamasato Actually, it still works!pic.twitter.com/cfDIM8lY5O
1 reply 0 retweets 3 likes -
Replying to @avlidienbrunn
@avlidienbrunn I didn't know this! It seems that file URL can't hold <> chars. We can't use it for XSS via referrer :(2 replies 0 retweets 0 likes
Replying to @kinugawamasato
@kinugawamasato The blob: trick works on file too, so no problem: http://pastebin.com/eM3PcvtM !
0 replies
0 retweets
3 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.