| OLD | NEW |
|---|
| 1 #!/usr/bin/perl -wT | 1 #!/usr/bin/perl -wT |
| 2 use strict; | 2 use strict; |
| 3 use CGI; | 3 use CGI; |
| 4 | 4 |
| 5 my $cgi = new CGI; | 5 my $cgi = new CGI; |
| 6 my $action = $cgi->param('q'); | 6 my $action = $cgi->param('q'); |
| 7 if ($cgi->param('add-token')) { | 7 if ($cgi->param('add-token')) { |
| 8 $action = $action . "&tok=12345678"; | 8 $action = $action . "&tok=12345678"; |
| 9 } | 9 } |
| 10 | 10 |
| 11 print "X-XSS-Protection: 1\n"; |
| 11 print "Content-Type: text/html; charset=UTF-8\n\n"; | 12 print "Content-Type: text/html; charset=UTF-8\n\n"; |
| 12 | 13 |
| 13 print "<!DOCTYPE html>\n"; | 14 print "<!DOCTYPE html>\n"; |
| 14 print "<html>\n"; | 15 print "<html>\n"; |
| 15 print "<body>\n"; | 16 print "<body>\n"; |
| 16 print "<p>This is an iframe with a injected form</p>\n"; | 17 print "<p>This is an iframe with a injected form</p>\n"; |
| 17 print "<form method=\"post\" id=\"login\" action=\"".$action."\"></form>\n"; | 18 print "<form method=\"post\" id=\"login\" action=\"".$action."\"></form>\n"; |
| 18 print "<script>if (window.testRunner) testRunner.notifyDone();</script>\n"; | 19 print "<script>if (window.testRunner) testRunner.notifyDone();</script>\n"; |
| 19 print "</body>\n"; | 20 print "</body>\n"; |
| 20 print "</html>\n"; | 21 print "</html>\n"; |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2524013002:
XSS Auditor: Block by default. (Closed)
