$ wget'http://nginx.org/download/nginx-1.13.6.tar.gz'$ tar -xzvf nginx-1.13.6.tar.gz $cdnginx-1.13.6/#Here we assume you would install you nginx under /opt/nginx/.$ ./configure --prefix=/opt/nginx \ --add-module=/path/to/xss-nginx-module#Or--add-dynamic-module=../xss-nginx...
xss_callback_arg foo; echo '[]'; } --- request GET /foo --- response_headers_like Content-Type: application/json --- response_body []=== TEST 2: sanity --- config location /foo { default_type 'application/json'; xss_get on; ...
- LUA_CMODULE_DIR=/lib - JOBS=3 - NGX_BUILD_JOBS=$JOBS - TEST_NGINX_SLEEP=0.006 matrix: - NGINX_VERSION=1.9.15 - NGINX_VERSION=1.11.2 install: - git clone https://github.com/openresty/nginx-devel-utils.git - git clone https://github.com/openresty/openresty.git ../openresty - git...
tags: nginx,xss,status metadata: max-request: 1 max-request: 2 http: - method: GET path: - "{{BaseURL}}/status%3E%3Cscript%3Ealert(31337)%3C%2Fscript%3E" - raw: - | GET /_404_%3E%3Cscript%3Ealert(1337)%3C%2Fscript%3E HTTP/1.1 Host: {{Hostname}} - | GET /status%3E%3Cscri...
=== TEST 3: used (multiple http {} blocks) This test case won't run with nginx 1.9.3+ since duplicate http {} blocks have been prohibited since then. --- SKIP --- config location = /t { default_type application/json;0 comments on commit 97c2139 Please sign in to comment. ...