My application reflects the category parameter in the JSON body, as in the following response ..
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
P3P: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
Server: nginx
X-frame-options: SAMEORIGIN
Content-Length: 139
Accept-Ranges: bytes
Date: Mon, 26 Jun 2017 15:47:55 GMT
Connection: keep-alive
Set-Cookie: bf-geo-country=EG; expires=Tue, 27 Jun 2017 15:47:55 GMT; path=/; domain=.myapp.com;
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=120; preload
X-Served-By: cache-hhn1524-HHN
X-Cache: MISS
X-Cache-Hits: 0
Vary: Accept-Encoding
{
"response" : "an error occurred",
"campaign_monitor_errors" : [
"no config for Newsz<htMl onload=prompt(22)/></html>"
]
}
Can this lead to Reflected XSS via MIME sniffing in IE or Chrome?
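The three things a tester looks at in a response like this are the declared Content-Type, whether X-Content-Type-Options: nosniff is set, and whether the injected string comes back byte-for-byte inside the body. The script below, an added example and not code from the post, parses a constructed copy of the response above (headers trimmed to the relevant ones) and reports those facts, then shows a JSON serializer that escapes angle brackets so the body never contains literal HTML, whatever a browser decides to sniff. The function and constant names are the example's own.

```python
import json

# Constructed sample: the response from the post, re-typed as raw HTTP.
# Only the headers relevant to the sniffing question are kept.
RAW_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/javascript; charset=utf-8\r\n"
    "X-frame-options: SAMEORIGIN\r\n"
    "Content-Security-Policy: upgrade-insecure-requests\r\n"
    "\r\n"
    "{\n"
    '"response" : "an error occurred",\n'
    '"campaign_monitor_errors" : [\n'
    '"no config for Newsz<htMl onload=prompt(22)/></html>"\n'
    "]\n"
    "}\n"
)

# The probe that was sent in the category parameter.
PAYLOAD = "<htMl onload=prompt(22)/></html>"


def parse_response(raw):
    """Split a raw HTTP/1.1 response into (status line, headers dict, body).

    Header names are lower-cased so lookups are case-insensitive, which
    matters here because the server emits 'X-frame-options' in mixed case.
    """
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def assess(raw, payload):
    """Report the facts that decide whether sniffing is even in play."""
    _, headers, body = parse_response(raw)
    media_type = headers.get("content-type", "").split(";")[0].strip().lower()
    try:
        json.loads(body)
        valid_json = True
    except ValueError:
        valid_json = False
    return {
        # Declared type; text/html would make this plain reflected XSS.
        "content_type": media_type,
        "html_context": media_type == "text/html",
        # Without nosniff the browser is free to apply its own heuristics.
        "nosniff": headers.get("x-content-type-options", "").lower() == "nosniff",
        # Verbatim reflection: no HTML or JSON escaping was applied.
        "reflected_unescaped": payload in body,
        "valid_json": valid_json,
    }


def safe_json(obj):
    """Serialize with < > & escaped as \\uXXXX.

    json.dumps leaves these characters untouched; replacing them with
    their JSON escapes keeps the document valid JSON (a client decodes
    them back to the original characters) while guaranteeing the raw
    body contains no HTML tags for any sniffer to find.
    """
    return (json.dumps(obj)
            .replace("<", "\\u003c")
            .replace(">", "\\u003e")
            .replace("&", "\\u0026"))


if __name__ == "__main__":
    for key, value in assess(RAW_RESPONSE, PAYLOAD).items():
        print(f"{key}: {value}")
    print(safe_json({"campaign_monitor_errors": ["no config for Newsz" + PAYLOAD]}))
```

The assessment does not decide exploitability; it only makes explicit what the response gives an attacker to work with (a non-HTML declared type, no nosniff header, and an unescaped reflection). Whether a particular browser will sniff a declared text/javascript body as HTML is exactly the question the post asks. Adding X-Content-Type-Options: nosniff and serializing with the escaping serializer removes the question entirely, independent of any browser's behaviour.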