index.html
22 lines (22 loc) · 1.38 KB
<!doctype html>
<html>
<head><title>DOM XSS Test Files</title></head>
<body>
<H1>DOM XSS test cases</H1>
<B>GitHub Homepage</B>: <A href="https://github.com/dmitris/domxsstest">https://github.com/dmitris/domxsstest</A>
<ul>
<li>
<A href="document_write_hash.html">document_write_hash.html</A> - document.write with unfiltered value of location.hash. Sample exploit: <A href="document_write_hash.html#<img src=foo onerror=alert(123)>">document_write_hash.html#&lt;img src=foo onerror=alert(123)&gt;</A>
<li>
<A href="innerhtml_hash.html">innerhtml_hash.html</A> - assignment from hash to innerHTML. Sample exploit: <A href="innerhtml_hash.html#<img src=foo onerror=alert(123)>">innerhtml_hash.html#&lt;img src=foo onerror=alert(123)&gt;</A>
<li>
<A href="yuinode_hash.html">yuinode_hash.html</A> - YUI's setHTML with location.hash. Sample exploit: <A href="yuinode_hash.html#<img src=bla onerror=alert(123)>">yuinode_hash.html#&lt;img src=bla onerror=alert(123)&gt;</A>
<li>
<A href="jquery_append_hash.html">jquery_append_hash.html</A> - jQuery append with hash. Sample exploit: <A href="jquery_append_hash.html#<img src=foo onerror=alert(123)>">jquery_append_hash.html#&lt;img src=foo onerror=alert(123)&gt;</A>
<li>
<A href="jsonptest.html">jsonptest.html</A> - PoC
<li>
<A href="jsonptest_fixed.html">jsonptest_fixed.html</A> - a fixed (properly escaped) version
</ul>
</body>
</html>