Characters allowed before javascript URL
33
33
33
33Vector to check if any characters are allowed before "javascript:" to still result in a javascript url. Note: compare this vector (JavaScript URL) with HTML DOM: https://shazzer.co.uk/vectors/661652f5c7a9004304ba5539
Created byThomasOrlita
Created Apr 15, 2024
Updated May 23, 2025
Detecting browser...
CategoryURL Handling
VisibilityPublic
TypeJS
CharsetUTF-8
Template used:
if (new URL(String.fromCodePoint($[i]) + "javascript:alert()").protocol=="javascript:"){log($[i])}Sample payloads
if (new URL(String.fromCodePoint(0) + "javascript:alert()").protocol=="javascript:"){alert(0)}if (new URL(String.fromCodePoint(1) + "javascript:alert()").protocol=="javascript:"){alert(1)}if (new URL(String.fromCodePoint(2) + "javascript:alert()").protocol=="javascript:"){alert(2)}if (new URL(String.fromCodePoint(3) + "javascript:alert()").protocol=="javascript:"){alert(3)}if (new URL(String.fromCodePoint(4) + "javascript:alert()").protocol=="javascript:"){alert(4)}if (new URL(String.fromCodePoint(5) + "javascript:alert()").protocol=="javascript:"){alert(5)}if (new URL(String.fromCodePoint(6) + "javascript:alert()").protocol=="javascript:"){alert(6)}if (new URL(String.fromCodePoint(7) + "javascript:alert()").protocol=="javascript:"){alert(7)}if (new URL(String.fromCodePoint(8) + "javascript:alert()").protocol=="javascript:"){alert(8)}if (new URL(String.fromCodePoint(9) + "javascript:alert()").protocol=="javascript:"){alert(9)}if (new URL(String.fromCodePoint(10) + "javascript:alert()").protocol=="javascript:"){alert(10)}if (new URL(String.fromCodePoint(11) + "javascript:alert()").protocol=="javascript:"){alert(11)}if (new URL(String.fromCodePoint(12) + "javascript:alert()").protocol=="javascript:"){alert(12)}if (new URL(String.fromCodePoint(13) + "javascript:alert()").protocol=="javascript:"){alert(13)}if (new URL(String.fromCodePoint(14) + "javascript:alert()").protocol=="javascript:"){alert(14)}if (new URL(String.fromCodePoint(15) + "javascript:alert()").protocol=="javascript:"){alert(15)}if (new URL(String.fromCodePoint(16) + "javascript:alert()").protocol=="javascript:"){alert(16)}if (new URL(String.fromCodePoint(17) + "javascript:alert()").protocol=="javascript:"){alert(17)}if (new URL(String.fromCodePoint(18) + "javascript:alert()").protocol=="javascript:"){alert(18)}if (new URL(String.fromCodePoint(19) + "javascript:alert()").protocol=="javascript:"){alert(19)}Fuzz results
Chrome 144.0.0.0 desktop Windows NT 10.0
Updated
Mon Jan 26 2026
Found 33 results
Loading...
Chrome 127.0.0.0 desktop macOS 10.15.7older version
Updated
Tue Aug 20 2024
Found 33 results
Loading...
Chrome 124.0.0.0 Unknown Unknownolder version
Updated
Tue Apr 30 2024
Found 33 results
Loading...
Firefox 147.0 desktop Linux
Updated
Sun Feb 01 2026
Found 33 results
Loading...
Firefox 125.0 Unknown Unknownolder version
Updated
Tue Apr 30 2024
Found 33 results
Loading...
Microsoft Edge 144.0.0.0 desktop Windows NT 10.0
Updated
Sat Jan 31 2026
Found 33 results
Loading...
Safari 17.4 Unknown Unknown
Updated
Tue Apr 30 2024
Found 33 results
Loading...