Another possible solution for Dangerous Use of Eval

Question

Another possible solution for Dangerous Use of Eval

Opened this issue 8 years ago · 0 comments

GoogleCodeExporter commented 8 years ago

What steps will reproduce the problem?

Found another way to solve "Dangerous Use of Eval". Concatenate document.cookie 
encoding the plus sign:

"' %2B document.cookie %2B '

Also, the cookie is empty, to ensure either solution works I had to set 
document.cookie equal to something.


What is the expected output? What do you see instead?

This should pass the exercise.


What version of the product are you using? On what operating system?

Webgoat 5.4 on Windows 7


Please provide any additional information below.

Original issue reported on code.google.com by xplicitp...@gmail.com on 30 Jul 2014 at 1:17