Skip to content

Commit

Permalink
Merge pull request #216 from DolphFlynn/polyfill_regex
Browse files Browse the repository at this point in the history 
Tighten regex for polyfill JS import and only check within response b…
  • Loading branch information
@ps-porpoise
ps-porpoise authored Jul 9, 2024
2 parents 918d658 + c8daf01 commit 6d3e145
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion other/Javascript/malicious_polyfill_cdn.bcheck
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
tags: "passive","javascript"

given response then
if {latest.response} matches "<script.*?src=\"(https?:)?//(cdn.)?polyfill.io/v[0-9]/polyfill\.min\.js.*?\".*?>" then
if {latest.response.body} matches "<script.*?src=\"(https?:)?//(cdn\.)?polyfill\.io/v[0-9]/polyfill\.min\.js.*?\".*?>" then
report issue:
severity: high
confidence: firm
Expand Down

0 comments on commit 6d3e145

Please sign in to comment.