From 797fd0eea058d54fe45fa057e9c59f07475082fd Mon Sep 17 00:00:00 2001
From: Logan Hunt <loganhunt@simponic.xyz>
Date: Sun, 19 Jun 2022 01:50:17 -0700
Subject: [PATCH] Add some testing scripts

---
 js-scripts/README.org              | 2 ++
 js-scripts/queryJsonPlaceholder.js | 7 +++++++
 2 files changed, 9 insertions(+)
 create mode 100644 js-scripts/README.org
 create mode 100644 js-scripts/queryJsonPlaceholder.js

diff --git a/js-scripts/README.org b/js-scripts/README.org
new file mode 100644
index 0000000..b4b51cb
--- /dev/null
+++ b/js-scripts/README.org
@@ -0,0 +1,2 @@
+* js-scripts
+These are just scripts that I use to test XSS bugs and whatnot; I'm not very good and I have no idea what I am doing this so please ignore them.
diff --git a/js-scripts/queryJsonPlaceholder.js b/js-scripts/queryJsonPlaceholder.js
new file mode 100644
index 0000000..e8b7ea2
--- /dev/null
+++ b/js-scripts/queryJsonPlaceholder.js
@@ -0,0 +1,7 @@
+// Testing to see if I can make API calls on a site that has CSP headers. However,
+// this certain site does not have those headers on their error page, so by creating
+// an iframe on the document root with this source we can make an api call to another
+// service, maybe?
+fetch('https://jsonplaceholder.typicode.com/todos/1')
+  .then(response => response.json())
+  .then(json => console.log(json))