Please describe in detail what this situation is. I would like you to tell me about whether it is stored xss, stored xss, or Dom xss, and furthermore, I would like to tell you which of these attacks the attackers want to perform, and what kind of site and what kind of site the user is doing and the scenario where cookies are stolen. Connections to what you've told me before

Inside the check_xss function url=f” http://127.0.0.1:8000/vuln? param= {urllib.parse.quote (param)}” Shouldn't the script statement not execute while encoding the param with urllib.parse in this part? I actually put an alert in it, but it doesn't pop up, but why does it become a location.href

![](https://dreamhack-media.s3.amazonaws.com/attachments/4466e0219cef04b6d

<script>Write a cookie directly into the address value in memo, or use location.href= “/memo in the flag? I'm not sure why the memo=” + document.cookie;</script> is written or the value output in memo is different. Why is that?

driver.get (f'http:.. 127.0.0. 1:8000 /xss? xsss') Is this the host address I'm connecting to?

I understand moving cookies stored at localhost:8000 to the memo page through a script statement. However, when I create a server and enter the memo page, the address that comes up is “http://host3.dreamhack.games:23345/memo? Since it's “memo=hello”, shouldn't we make a cookie enter the hello position? Why protocol in script statements

The address/memo I was assigned to location.href in the part where the script is entered in the flag? I'm wondering why I can't use memo=document.cookie. After creating a cookie in driver.get (127.0.0.1), the cookie is “My assigned address/memo? Isn't it possible to send it as' memo=document.cookie '? I'm curious

d def read_url (url, cookie = {"name”: “name”, “value”: “value”}): cookies.update ({"domain”: “127.0.0.1"}) try: service = Service (executable_path=” /chromedriver”) options = web

Is the approach of inserting a script that reads /flag.txt into the blank space of /flag correct?

Please check the bot