Dating sites top referrers 2016
Let’s create a couple of PHP scripts: one with a referer check to serve “premium content” and another vulnerable to XSS attacks.
The script below serves premium content only to requests coming from The code injection failed thanks to the XSS filter. The problem that both Edge and IE have is quite simple: when changing the location of the top window using JavaScript, the referer will be the previous URL instead of the host that changed it.
Then come requests #3 and #4 where both have as the referer.
Finally request #5 also with But what happens after that?
Now, this happens because IE/Edge disable the filter when the requests come from the same-domain referrer […] It’s easy to load the vulnerable URL inside the iframe because IE/Edge has many problems regarding referrers. For example, if we search for “MS Edge” in Google and click on the first organic link, the browser will navigate to sending as the referer. Microsoft will know that we are coming from Google because the referer is sent by the browser when making the request. The referer should have been the URL of the script that changed its location which in this case is also ar. So this will be pretty simple: we open any URL that belongs to the host of the vulnerable page, and then we change the location XSSing it straight!
If we want to attack then we will emulate-spoof as the referer and then, XSS it. Check below, easier reading the code than my English explanation: the URL that initiated the request, not the previous page.