resteasy-xss project

This project uses Quarkus, the Supersonic Subatomic Java Framework.

If you want to learn more about Quarkus, please visit its website: https://quarkus.io/ .

Running the application in dev mode

You can run your application in dev mode that enables live coding using:

./mvnw quarkus:dev

Packaging and running the application

The application can be packaged using ./mvnw package. It produces the resteasy-xss-1.0-SNAPSHOT-runner.jar file in the /target directory. Be aware that it’s not an über-jar as the dependencies are copied into the target/lib directory.

The application is now runnable using java -jar target/resteasy-xss-1.0-SNAPSHOT-runner.jar.

Reproducing RESTEASY-2519

Open a browser and enter this URL:

http://localhost:8080/users?paging=0%2c-1sp137%3Cscript%3Ealert(1)%3C%2fscript%3Emzx4u

You should see an alert box being executed

gastaldi / resteasy-xss

resteasy-xss project

Running the application in dev mode

Packaging and running the application

Reproducing RESTEASY-2519

About

Languages