From d6b5adf414c395926edc27c3bc1ed9b675e4924e Mon Sep 17 00:00:00 2001 From: Boik Date: Thu, 19 Jul 2018 10:40:59 -0700 Subject: [PATCH] add an article --- README-jp.md | 1 + README-zh.md | 1 + README.md | 1 + 3 files changed, 3 insertions(+) diff --git a/README-jp.md b/README-jp.md index 6819445..98bbd23 100644 --- a/README-jp.md +++ b/README-jp.md @@ -251,6 +251,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre - [CSP: bypassing form-action with reflected XSS](https://labs.detectify.com/2016/04/04/csp-bypassing-form-action-with-reflected-xss/) - Written by [Detectify Labs](https://labs.detectify.com/). - [TWITTER XSS + CSP BYPASS](http://www.paulosyibelo.com/2017/05/twitter-xss-csp-bypass.html) - Written by [Paulos Yibelo](http://www.paulosyibelo.com/). - [Neatly bypassing CSP](https://lab.wallarm.com/how-to-trick-csp-in-letting-you-run-whatever-you-want-73cb5ff428aa) - Written by [Wallarm](https://wallarm.com/). +- [Evading CSP with DOM-based dangling markup](https://portswigger.net/blog/evading-csp-with-dom-based-dangling-markup) - Written by [portswigger](https://portswigger.net/). ### WAF diff --git a/README-zh.md b/README-zh.md index 3823ea7..4e8e6c8 100644 --- a/README-zh.md +++ b/README-zh.md 
@@ -272,6 +272,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre - [CSP: bypassing form-action with reflected XSS](https://labs.detectify.com/2016/04/04/csp-bypassing-form-action-with-reflected-xss/) - Written by [Detectify Labs](https://labs.detectify.com/). - [TWITTER XSS + CSP BYPASS](http://www.paulosyibelo.com/2017/05/twitter-xss-csp-bypass.html) - Written by [Paulos Yibelo](http://www.paulosyibelo.com/). - [Neatly bypassing CSP](https://lab.wallarm.com/how-to-trick-csp-in-letting-you-run-whatever-you-want-73cb5ff428aa) - Written by [Wallarm](https://wallarm.com/). +- [Evading CSP with DOM-based dangling markup](https://portswigger.net/blog/evading-csp-with-dom-based-dangling-markup) - Written by [portswigger](https://portswigger.net/). ### WAF diff --git a/README.md b/README.md index 263ffda..4e95941 100644 --- a/README.md +++ b/README.md @@ -248,6 +248,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre - [CSP: bypassing form-action with reflected XSS](https://labs.detectify.com/2016/04/04/csp-bypassing-form-action-with-reflected-xss/) - Written by [Detectify Labs](https://labs.detectify.com/). - [TWITTER XSS + CSP BYPASS](http://www.paulosyibelo.com/2017/05/twitter-xss-csp-bypass.html) - Written by [Paulos Yibelo](http://www.paulosyibelo.com/). - [Neatly bypassing CSP](https://lab.wallarm.com/how-to-trick-csp-in-letting-you-run-whatever-you-want-73cb5ff428aa) - Written by [Wallarm](https://wallarm.com/). +- [Evading CSP with DOM-based dangling markup](https://portswigger.net/blog/evading-csp-with-dom-based-dangling-markup) - Written by [portswigger](https://portswigger.net/). ### WAF
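Review bot: The attribution on the added line, `Written by [portswigger](https://portswigger.net/)`, is lowercased, while the neighbouring entries in the same list capitalise the publisher name ("Detectify Labs", "Wallarm", "Paulos Yibelo"). Suggest `Written by [PortSwigger](https://portswigger.net/)` so the new entry matches the list's style. The same line is added verbatim in all three hunks (README-jp.md, README-zh.md, README.md), so the fix applies to each. The subject "add an article" also does not say which article or section is touched; naming the CSP section or the article title would make the history easier to scan.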