Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Web Secuirty Academy- Exploiting XSS to perform CSRF

Pelumi Magbagbeola Jun 06, 2019 10:02PM UTC

I am having trouble determing where to put the token within the payload given in the solution:

var req = new XMLHttpRequest();
req.onload = handleResponse;'get','/email',true);
function handleResponse() {
var token = this.responseText.match(/name="csrf" value="(\w+)"/)[1];
var changeReq = new XMLHttpRequest();'post', '/email', true);
Is it supposed to be replace (\w+)?

Paul Johnston Jun 10, 2019 11:02AM UTC Support Center agent

That code will automatically fetch the anti-CSRF token and include it in the second request.

Try submitting it as a blog comment. If that doesn’t work, drop us a line.

Pelumi Magbagbeola Jun 11, 2019 12:57AM UTC
I've tried multiple times to submit the code as a blog comment but I keep getting the 'Thank you for your comment' page with the lab unsolved.

Pelumi Magbagbeola Jun 11, 2019 01:53AM UTC
I copied the code and inserted into a blog comment verbatim.

Paul Johnston Jun 11, 2019 01:58PM UTC Support Center agent

We’ve just spotted there is a typo in the solution the line:'post', '/email', true);

should be:'post', '/email/change', true);

We will get this fixed in the coming days, but for now you can manually do this.

Pelumi Magbagbeola Jun 11, 2019 02:19PM UTC
Thanks much.

Post Your public answer

Your name
Your email address