updated matcher
parent
f59905ced2
commit
1b5420bc4b
|
@ -17,18 +17,20 @@ requests:
|
|||
- "{{BaseURL}}/http_header.php"
|
||||
headers:
|
||||
X-Trigger-XSS: "<script>alert(1)</script>"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "\"HTTP_X_TRIGGER_XSS\":\"<script>alert(1)</script>\""
|
||||
- '"HTTP_X_TRIGGER_XSS":"<script>alert(1)</script>"'
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "text/html"
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "X-XSS-Protection"
|
||||
negative: true
|
||||
|
||||
- type: dsl
|
||||
dsl:
|
||||
- "!contains(tolower(all_headers), 'x-xss-protection')"
|
Loading…
Reference in New Issue