Web Security Academy (@websecacademy)'s Twitter Profile
Web Security Academy

@websecacademy

Free web security training from @PortSwigger

ID: 990945874019840000

Link: https://portswigger.net/web-security
Date: 30-04-2018 13:28:02

1,1K Tweets

123,123K Followers

35 Following


How a harmless-looking fallback can become a full-blown XSS 💥

JavaScript libraries often rely on user-supplied configuration objects. 

A common pattern is:
let transport_url = config.transport_url || defaults.transport_url;

If config.transport_url is undefined, the default is