Relative Path Overwrite

Relative Path Overwrite (RPO) is a new attack vector discovered by Gareth Heyes, a renowned web application researcher. RPO exploits the way browsers interpret relative paths while importing CSS files into a document; hence, this attack is also referred to as Path Relative Stylesheet Import (PRSSI). If you're not familiar with relative and absolute path CSS imports, let's take a quick look at both:

Relative path import:

<link href="resource/rpo.css" rel="stylesheet" type="text/css"/>

Absolute path import:

<link href="https://sandbox.prakharprasd.com/resource/rpo.css" rel="stylesheet" type="text/css"/>
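The difference between the two imports shows up when the same markup is served under more than one document URL: the browser resolves a path-relative href against the document's own path, while an absolute href always points at the same file. The following audit script is an added example, not code from the book; the hosts app.example.test and static.example.test, the sample page URLs and the function names are assumptions made for illustration.

```javascript
// Added example: audit stylesheet links for path-relative hrefs.
// Hosts and page URLs below are constructed samples, not from the book.

// Classify an href by how the browser's URL parser will treat it.
function classifyHref(href) {
  if (/^[a-zA-Z][a-zA-Z0-9+.-]*:/.test(href)) return "absolute";
  if (href.startsWith("//")) return "scheme-relative";
  if (href.startsWith("/")) return "root-relative";
  return "path-relative";
}

// Pull href values out of <link rel="stylesheet"> tags (simple regex scan,
// adequate for an audit script, not a full HTML parser).
function stylesheetHrefs(html) {
  const hrefs = [];
  for (const tag of html.match(/<link\b[^>]*>/gi) || []) {
    if (!/\brel\s*=\s*["']?stylesheet\b/i.test(tag)) continue;
    const m = tag.match(/\bhref\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i);
    if (m) hrefs.push(m[1] ?? m[2] ?? m[3]);
  }
  return hrefs;
}

// Resolve each href against every URL the page can be served under and
// flag those whose target changes with the document path.
function auditStylesheets(html, pageUrls) {
  return stylesheetHrefs(html).map((href) => {
    const resolved = pageUrls.map((u) => new URL(href, u).href);
    return {
      href,
      kind: classifyHref(href),
      resolved,
      stable: new Set(resolved).size === 1, // same target for every page URL
    };
  });
}

// Constructed sample: one relative and one absolute import of rpo.css.
const sampleHtml = `
<link href="resource/rpo.css" rel="stylesheet" type="text/css"/>
<link href="https://static.example.test/resource/rpo.css" rel="stylesheet" type="text/css"/>`;
const samplePages = [
  "https://app.example.test/index.php",
  "https://app.example.test/index.php/a/b/",
];

for (const r of auditStylesheets(sampleHtml, samplePages)) {
  console.log(r.kind, r.stable ? "stable" : "VARIES", r.href, r.resolved);
}
```

Any entry reported as VARIES is a stylesheet import whose target depends on the document path; switching it to a root-relative or absolute href makes it resolve the same way for every page URL.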

Here, the rpo.css file contains the following:

h1 {
    font-family: monospace;
    color: white;
    font-size: 50px;
}
body {
 background-color: ...

Get Mastering Modern Web Penetration Testing now with the O’Reilly learning platform.