From 1fdec40bc983e9e4cfb4f114d7e140abcd42d11a Mon Sep 17 00:00:00 2001 From: CPol Date: Tue, 28 Jun 2022 21:09:16 +0000 Subject: [PATCH] GitBook: [#3294] No subject --- pentesting-web/xs-search.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pentesting-web/xs-search.md b/pentesting-web/xs-search.md index e1b9350cf..b600162f2 100644 --- a/pentesting-web/xs-search.md +++ b/pentesting-web/xs-search.md @@ -694,7 +694,7 @@ Before accessing the cache is faster than loading a resource, it's possible to t * **Inclusion Methods**: Fetch API * **Detectable Difference**: Timing * **More info**: [https://xsleaks.dev/docs/attacks/cache-probing/#fetch-with-abortcontroller](https://xsleaks.dev/docs/attacks/cache-probing/#fetch-with-abortcontroller) -* **Summary:** It's possible to try to load a resource and about before it's loaded. Depending on if an error is triggered, the resource was or wasn't cached. +* **Summary:** It's possible to try to load a resource and about before it's loaded the loading is interrupted. Depending on if an error is triggered, the resource was or wasn't cached. * **Code Example**: [https://xsleaks.dev/docs/attacks/cache-probing/#fetch-with-abortcontroller](https://xsleaks.dev/docs/attacks/cache-probing/#fetch-with-abortcontroller) [**`AbortController`**](https://developer.mozilla.org/en-US/docs/Web/API/AbortController) **** could be combined with _**fetch**_ and _**setTimeout**_ to both detect whether the **resource is cached** and to evict a specific resource from the browser cache. A nice feature of this technique is that the probing occurs without caching new content in the process.