Collaborate Disseminate
I’m using ajax to serve some static html pages as modal boxes, I got a report from veracode saying that I should validate the server’s ssl certificate and the chain of trust in the ajax call to ensure there is no man in the middle attacks … Continue reading Validate server certificate’s chain of trust in ajax call [closed]
The source code says as below:
<script>
function doSearch(item) {
url = ‘https://api.mywebsite.com/search’
var xmlHttp = new XMLHttpRequest();
xmlHttp.onreadystatechange = function() {… Continue reading XSS payload for XMLHttpRequest()
I would like to create a new token for each request and would like to us the following template-
<script>
var current_token=<?php echo $_SESSION[‘csrf_token’]; ?>
$.ajax({
type: “POST”,
… Continue reading Regenerating CSFR token in AJAX requests
I was doing the google security challenges here: http://google-gruyere.appspot.com/part2
I don’t understand the solution for the Ajax Stored Xss part.
So here’s the problem summarized:
Every user can enter a post (something like a tweet,… Continue reading Google Gruyere – Ajax Json Stored Xss
I have a page(parent.php) from where i am calling a another page(result.php) through jquery ajax that is returning a response in html format. This response is showed on the parent.php page in a div. How can i secure my ajax response from x… Continue reading How to prevent Cross-site Scripting in ajax response
I asked this question: What would happen if some random webpage made an Ajax request for http://127.0.0.1/private.txt?
The answers/comments confuse me. Am I right in interpreting them like this?
“Even though Ajax requests t… Continue reading Can somebody explain why the IP address 192.168.1.1 is apparently "special" and not following the CORS rules?
In HTML when we describe a certain field as a password field is it somehow secured against sending out the data via XHR/AJAX/similar technologies?
This is relevant in case we have to deal with script injection and similar at… Continue reading Does the HTML password field include any protection against XHR/AJAX exfiltration?
I have a website where people can make purchases.
The entire website is served with https.
On the first page, I accept user profile data and generate a random ID for my client and store that in my database.
I then pass th… Continue reading Using browser XMLHttpRequest to initiate credit card transaction with processor?
the curl commend used to download the file
curl “http://192.168.1.1/html/management/downloadconfigfile.conf?RequestFile=/html/management/cfgfile.asp” -H “Cookie: SessionID_R3=dsadwdwqdasdwasdawd” –data “csrf_token=saddasdwa… Continue reading Is it possible to exfiltrate a router config file to server using csrf ajax?
The CSRF Cheat Sheet by OWASP, concerning (Anti-)CSRF-tokens is quite confusing.
For a State(ful)-scenario (the Synchronizer Token Pattern), they write:
… for AJAX calls it is recommended to add in parameter than in hea… Continue reading Does OWASP recommend to include a CSRF-token in a header or to use it as a parameter (in a State-scenario)?