# Client-Side

- [Cross-Site Scripting (XSS)](https://book.jorianwoltjer.com/web/client-side/cross-site-scripting-xss.md): Inject JavaScript code into pages viewed by victims to perform actions on their behalf
- [HTML Injection](https://book.jorianwoltjer.com/web/client-side/cross-site-scripting-xss/html-injection.md): Tricks possible with malicious HTML, in case XSS is not quite possible
- [Content-Security-Policy (CSP)](https://book.jorianwoltjer.com/web/client-side/cross-site-scripting-xss/content-security-policy-csp.md): The CSP response header restricts what resources are allowed to execute, but can sometimes be bypassed
- [postMessage Exploitation](https://book.jorianwoltjer.com/web/client-side/cross-site-scripting-xss/postmessage-exploitation.md): Send cross-origin messages with arbitrary data, which can easily lead to Cross-Site Scripting in vulnerable handlers that fail to verify the origin
- [CSS Injection](https://book.jorianwoltjer.com/web/client-side/css-injection.md): Injecting CSS code to leak content on a page using selectors
- [Cross-Site Request Forgery (CSRF)](https://book.jorianwoltjer.com/web/client-side/cross-site-request-forgery-csrf.md): Submitting data-altering requests blindly from your own domain on the client side. Cookies are sent automatically, so CSRF tokens are often required as protection
- [XS-Leaks](https://book.jorianwoltjer.com/web/client-side/xs-leaks.md): Leaking information cross-site often through private search features
- [Client-Side Path Traversal (CSPT)](https://book.jorianwoltjer.com/web/client-side/client-side-path-traversal-cspt.md): Using `../` sequences and URL parts to rewrite requests made by the browser
- [CRLF / Header Injection](https://book.jorianwoltjer.com/web/client-side/crlf-header-injection.md): Manipulate HTTP headers in your favor or insert completely new ones with even more control
- [Window Popup Tricks](https://book.jorianwoltjer.com/web/client-side/window-popup-tricks.md): Abusing browser functionality to do interesting things with popups and interactions
- [WebSockets](https://book.jorianwoltjer.com/web/client-side/websockets.md)
- [Caching](https://book.jorianwoltjer.com/web/client-side/caching.md): Remembering static content so that fewer requests have to be resolved by the backend
- [Headless Browsers](https://book.jorianwoltjer.com/web/client-side/headless-browsers.md): Tricks for dealing with input into headless browsers on the server, using client-side methods
