
Advanced JavaScript Injections - known
https://brutelogic.com.br/blog/advanced-javascript-injections/
======
XCabbage
People failing to load the page, note that
[http://webcache.googleusercontent.com/search?q=cache%3Ahttps...](http://webcache.googleusercontent.com/search?q=cache%3Ahttps%3A%2F%2Fbrutelogic.com.br%2Fblog%2Fadvanced-
javascript-
injections%2F&oq=cache%3Ahttps%3A%2F%2Fbrutelogic.com.br%2Fblog%2Fadvanced-
javascript-
injections%2F&aqs=chrome..69i57j69i58.909j0j7&sourceid=chrome&ie=UTF-8) works.

------
stevenmays
Anyone else getting a 500 error on this?

~~~
benve
The page does not open. At first I thought I had compromised the browser with
a JavaScript exploits.

curl -v [https://brutelogic.com.br/blog/advanced-javascript-
injection...](https://brutelogic.com.br/blog/advanced-javascript-injections/)

* Connection state changed (MAX_CONCURRENT_STREAMS updated)! < HTTP/2 503 < server: nginx < date: Thu, 13 Dec 2018 16:07:36 GMT < content-type: text/html; charset=iso-8859-1 < content-length: 323 < x-sucuri-id: 15005 < vary: Accept-Encoding < x-sucuri-cache: MISS < <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>503 Service Temporarily Unavailable</title> </head><body> <h1>Service Temporarily Unavailable</h1> <p>The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.</p> </body></html> * Connection #0 to host brutelogic.com.br left intact

------
bwindels
Not sure what PHP escape method is used in the example on the server, but
shouldn't \" escape to \\\\\" instead of \\\"?

------
augbog
ah the good ol reddi.. err HN hug of death

~~~
reaperducer
It's been Slashdotted.

------
tempodox
What's the need for this new term? Up to now, the javascript injection orgies
were just called web sites.

