docs-exploit-demo 0.0.1

An demo of how docs.rs could be used maliciously
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13

// Example I found online that doesn't log
// This example isn't https but this would still work under https
#![doc(html_logo_url = "http://www.danasoft.com/vipersig.jpg")]

// favicon could potentially be used too
//#![doc(html_favicon_url = "http://example.org/malicious.png")]

/*!
Source: https://github.com/AlexApps99/docs-exploit-demo

![JPEG](http://www.danasoft.com/vipersig.jpg)
<script>alert("This isn't very safe...");</script>
*/