Home/ Questions/Q 7751265
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T11:30:12+00:00

I have used the cURL solution to solve XSS but there is an issue

  • 0

I have used the cURL solution to solve XSS but there is an issue with it.
My proxy.php file contents are:-

<?php
    $url = "http://www.yahoo.com";
    $ch = curl_init();
    $timeout = 5;
    curl_setopt ($ch, CURLOPT_URL, $url);
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
    $file_contents = curl_exec($ch);
    curl_close($ch);
    echo $file_contents;
?>

And this is how i am trying to execute php script

$("#tempButton").click(function(){
    $("#pageContent").load('http://localhost:8080/proof/proxy.php',function() {
        var t = $("#pageContent").html();
        alert(t);
    });
});

But variable t is showing the contents of proxy.php file while it is expected to show contents of yahoo.com which was set in proxy.php file. Am i doing something silly. #FirstTimePHP

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    As variable t is showing the content of the file the server software must not be recognising thee script as PHP.

    There are several reasons that this may happen. Not having opening tags would be 1 but you of course have these.

    Another potential reason is that php has not been loaded as a module in the server software.

    Another potential reason is that the server does not parse files with the extension of php (this is configurable).

    You should start from basics. Ignore the javascript, instead call the url manually and see what you get. The chances are you will see the code.

    If this does happen ensure that server software (usually apache) is set to recognise the extension php is associated with the php module. Lastly ensure that PHP is actually properly installed.

    • 0