mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-23 21:05:27 +00:00
specify condition to perform Angular JS Injection
Indicate that ng-app in a root element is needed to inject Angular JS template. Injecting below payload without a root element with ng-app will not result in a successful injection
This commit is contained in:
parent
cbc6e78d2a
commit
27d19813f8
@ -6,6 +6,8 @@ The following payloads are based on Client Side Template Injection.
|
|||||||
|
|
||||||
### Stored/Reflected XSS - Simple alert in AngularJS
|
### Stored/Reflected XSS - Simple alert in AngularJS
|
||||||
|
|
||||||
|
`ng-app` directive must be present in a root element to allow the client-side injection (cf. [AngularJS: API: ngApp](https://docs.angularjs.org/api/ng/directive/ngApp)).
|
||||||
|
|
||||||
> AngularJS as of version 1.6 have removed the sandbox altogether
|
> AngularJS as of version 1.6 have removed the sandbox altogether
|
||||||
|
|
||||||
AngularJS 1.6+ by [Mario Heiderich](https://twitter.com/cure53berlin)
|
AngularJS 1.6+ by [Mario Heiderich](https://twitter.com/cure53berlin)
|
||||||
|
Loading…
Reference in New Issue
Block a user