How can one allow XSS in local HTML files? | Sololearn: Learn to code for FREE!
New course! Every coder should learn Generative AI!
Try a free lesson
+ 1

How can one allow XSS in local HTML files?

I have two files on my computer, in the same folder. Let's say that they are "PageOne.html" and "PageTwo.html". Now, PageOne has an IFrame which contains PageTwo. I want PageTwo to be able to access something from PageOne using Javascript, but XSS security in Firefox prevents me from doing that. I want my local project to stay local, but I also want to find a way to securely have both HTML documents access each others' elements. Is there a script I can use on my computer that will securely verify these in my web browser and permit XSS access? Or, since this is only on my computer and I don't plan on releasing it to the web, should I just try to bypass the restriction from within Firefox - and if this is the case, how do I do that with local files only? I do not want to make myself vulnerable, nor am I trying to hack some other site. I just want my local project to work.

htmljavascriptelementstagssecurityxssfirefox
18th Aug 2020, 6:12 AM
Harvey Houston
Harvey Houston - avatar
5 Answers
+ 1
See this:https://flylib.com/books/en/2.500.1.72/1/
18th Aug 2020, 6:16 AM
Matias
Matias - avatar
+ 1
Ok try this:https://stackoverflow.com/questions/4287174/enabling-xss-from-files-hosted-on-local-filesystem
18th Aug 2020, 6:36 AM
Matias
Matias - avatar
+ 1
Google search:https://www.google.com/search?client=ms-android-transsion-tecno-rev1&biw=1261&bih=2326&sxsrf=ALeKk03XZHNFvZRnOSqFAhJnPjQ5X31rnw%3A1597731323547&ei=-3E7X8qEIaaIlwSyrabQCQ&q=How+can+one+allow+XSS+in+local+HTML+files%3F&oq=How+can+one+allow+XSS+in+local+HTML+files%3F&gs_lcp=CgZwc3ktYWIQA1D9Alj9AmDjC2gAcAB4AIABAIgBAJIBAJgBAKABAaoBB2d3cy13aXrAAQE&sclient=psy-ab&ved=0ahUKEwiK7vH_jKTrAhUmxIUKHbKWCZoQ4dUDCAw&uact=5
18th Aug 2020, 6:39 AM
Matias
Matias - avatar
0
Since I want this to stay local, I'm not sure about verifying with CORS, or other online scripts. Adding the appropriate meta tags in the HTML head didn't work, anyhow. What I'd prefer is to verify it locally, but if this is not possible, then I need a secure way to verify it with a script available online. Any suggestions would be great!
18th Aug 2020, 6:16 AM
Harvey Houston
Harvey Houston - avatar
0
@Matiyas Sirak I'm not sure how your link helps me. It shows a list of exploits, but not only is it an old book (released in 2004, which means the exploits could have been patched by now), it doesn't really help me achieve my goal. I don't want to have to exploit a bug, if possible. I want more legitimate means of achieving my goal.
18th Aug 2020, 6:25 AM
Harvey Houston
Harvey Houston - avatar

Often have questions like this?

Learn more efficiently, for free:

See all courses
Hot today
Can someone please help me with this python code?
2 Votes
Strange narrowing conversion error from FLTK Color to Color Struct, Stroustrup's header Graph.h
0 Votes
[SOLVED] What problem in this program..?
2 Votes
I need help with beginner level of python
0 Votes
Effects on HTML and JavaScript
0 Votes
Encryption and Decryption
1 Votes
no se cual es la respuesta de esta
0 Votes
Izzy the iguana
0 Votes
Any good alternative to do this
2 Votes
Can anyone help me with this?
0 Votes