bg-wa Posted September 13, 2018 Share Posted September 13, 2018 (edited) I started this quick POC, which uses Rails as a web-content proxy to allow intercepting and modifying html pages. [End User Request > My Bad URL > Actual server > My Bad URL > Nokogiri (modify response) > End User Response] It's pretty bare bones and allows you to browse any website at your own URL, modifying the response in the middle. https://github.com/bg-wa/rails_in_the_middle Seems like an interesting loophole. Even with CORs set up properly, assets could be stored and re-served to the end user. Edited September 13, 2018 by bg-wa Link formatting Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.