msturm
commented
6 years ago I was creating a pull request, but then noticed that this pull request is already fixing this issue: https://github.com/mikekelly/hal-browser/pull/97
Open msturm opened 6 years ago
msturm
commented
6 years ago I was creating a pull request, but then noticed that this pull request is already fixing this issue: https://github.com/mikekelly/hal-browser/pull/97
If you open the NON-GET dialog and press submit, you get a URL of the form:
http://haltalk.herokuapp.com/explorer/browser.html#NON-GET:/If you modify the URL to include javascript for example, it turns out that the contents are displayed in the users' browser. Theoretically, this makes it possible to perform various actions, including stealing cookies etc.
An example to see the problem described above is going to this link on the demo-app of the HAL-browser:
http://haltalk.herokuapp.com/explorer/browser.html#NON-GET:/">'<script>alert("hi")</script>