
Entities allowed after slashes on a protocol relative URL

⚠ Browser differences: Chrome 1 result, Firefox 12 results, Safari 12 results

You can place whitespace after the slashes of a protocol-relative URL; this vector finds out which entities you can place after them.

Created by: hackvertor

Created on: Saturday, July 6, 2024 at 11:50:39 AM

Updated on: Tuesday, May 27, 2025 at 10:35:53 AM


Category: Entity Parsing

Vector visibility: Public

Vector type: JS

Vector charset: UTF-8

Vector data 1: html_entities

Code used before fuzz:
const div = document.createElement('div')
Template used:
div.innerHTML='<a href="//$[data1]example.com">';
if(div.querySelector('a').host === 'example.com') {
   log('$[data1]');
}

Sample payloads

div.innerHTML='<a href="//NO_MATCHESexample.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('NO_MATCHES');
}
div.innerHTML='<a href="//&bsol;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&bsol;');
}
div.innerHTML='<a href="//&commat;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&commat;');
}
div.innerHTML='<a href="//&NegativeMediumSpace;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&NegativeMediumSpace;');
}
div.innerHTML='<a href="//&NegativeThickSpace;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&NegativeThickSpace;');
}
div.innerHTML='<a href="//&NegativeThinSpace;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&NegativeThinSpace;');
}
div.innerHTML='<a href="//&NegativeVeryThinSpace;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&NegativeVeryThinSpace;');
}
div.innerHTML='<a href="//&NewLine;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&NewLine;');
}
div.innerHTML='<a href="//&NoBreak;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&NoBreak;');
}
div.innerHTML='<a href="//&shy;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&shy;');
}
div.innerHTML='<a href="//&sol;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&sol;');
}
div.innerHTML='<a href="//&Tab;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&Tab;');
}
div.innerHTML='<a href="//&ZeroWidthSpace;example.com">';
if(div.querySelector('a').host === 'example.com') {
   alert('&ZeroWidthSpace;');
}
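
For code that validates link targets, the practical consequence of this vector is that a string pattern looking for `//` followed by a hostname character misses these forms, while resolving the href with a URL parser does not. The following is an added example, not part of the Shazzer vector: the base origin `https://app.example/`, the function names and the weak regex are assumptions for illustration, and the samples are constructed by decoding five of the ASCII entities listed above.

```javascript
// Added example: classify an already entity-decoded href by resolving it with
// the WHATWG URL parser instead of pattern-matching the raw string.
const BASE = 'https://app.example/'; // assumed origin of the page that embeds the link

// Weak check (hypothetical): "external" means "//" directly followed by a hostname character.
function naiveIsExternal(href) {
  return /^(https?:)?\/\/[a-z0-9]/i.test(href);
}

// Hardened check: let the URL parser decide which origin the link resolves to.
function resolvesOffOrigin(href, base = BASE) {
  let url;
  try {
    url = new URL(href, base);
  } catch {
    return true; // unparseable input is rejected rather than trusted
  }
  return url.origin !== new URL(base).origin;
}

// Constructed samples: character references from the payload list, shown decoded,
// i.e. the attribute value as the HTML parser hands it to the URL parser.
const SAMPLES = {
  '&Tab;': '//\texample.com',
  '&NewLine;': '//\nexample.com',
  '&bsol;': '//\\example.com',
  '&sol;': '///example.com',
  '&commat;': '//@example.com',
};

// Resolve every sample and report what each check concludes.
function audit(samples = SAMPLES) {
  return Object.entries(samples).map(([entity, href]) => ({
    entity,
    host: new URL(href, BASE).host,
    naive: naiveIsExternal(href),
    parsed: resolvesOffOrigin(href),
  }));
}

console.table(audit());
```

The invisible-character entities on the list (`&shy;`, `&NoBreak;`, `&ZeroWidthSpace;` and its aliases) take the same `resolvesOffOrigin` path; their outcome depends on the parser's host processing, so check them on the runtime you deploy.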

Fuzz results

Chrome 144.0.0.0 desktop macOS 10.15.7
Updated: Sat Jan 31 2026
Found 1 result

Chrome 126.0.0.0 desktop macOS 10.15.7 (older version)
Updated: Sat Jul 06 2024
Found 12 results

Firefox 127.0 desktop macOS 10.15
Updated: Sat Jul 06 2024
Found 12 results

Safari 17.5 mobile iOS 17.5.1
Updated: Sat Jul 06 2024
Found 12 results