Merge pull request #705 from jiniljeil/patch-1

Fix typo in content-security-policy-csp-bypass
HackTricks-wiki · Sep 18, 2023 · ad92e96 · ad92e96
2 parents 875709e + 4154ac1
commit ad92e96
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/pentesting-web/content-security-policy-csp-bypass/README.md b/pentesting-web/content-security-policy-csp-bypass/README.md
@@ -252,7 +252,7 @@ The post shows that you could **load** all **libraries** from `cdn.cloudflare.co
 
 #### Abusing google recaptcha JS code
 
-According to [**this CTF writeup**](https://blog-huli-tw.translate.goog/2023/07/28/google-zer0pts-imaginary-ctf-2023-writeup/?\_x\_tr\_sl=es&\_x\_tr\_tl=en&\_x\_tr\_hl=es&\_x\_tr\_pto=wapp#noteninja-3-solves) you can abuse [https://www.google.com/recaptcha/](https://www.google.com/recaptcha/) inside a CSP to executa arbitrary JS code bypassing the CSP:
+According to [**this CTF writeup**](https://blog-huli-tw.translate.goog/2023/07/28/google-zer0pts-imaginary-ctf-2023-writeup/?\_x\_tr\_sl=es&\_x\_tr\_tl=en&\_x\_tr\_hl=es&\_x\_tr\_pto=wapp#noteninja-3-solves) you can abuse [https://www.google.com/recaptcha/](https://www.google.com/recaptcha/) inside a CSP to execute arbitrary JS code bypassing the CSP:
 
 ```html
 <div