Y
Hacker News
new
|
ask
|
show
|
jobs
by
adraenwan
971 days ago
maybe OP tried it's exploit in internet explorer 5.0, but I doubt it'll work in any recent (read: less than 5 years old) browser.
3 comments
thedaly
971 days ago
See for yourself fam
https://wordlewebsite.com/sqword
link
masklinn
971 days ago
Modern browsers will straight up tell the server the resource is being loaded from an iframe via Sec-Fetch-Dest.
link
henriquez
971 days ago
Oh it works. Just Google sqword if you don’t believe.
link
https://wordlewebsite.com/sqword