Shazzer logo
Login

Entities allowed between two forward slashes

⚠ Browser differences
Chrome logo 1
Firefox logo 4
Edge logo 4

Quick check what entities is allowed between two slashes in regards to a protocol "//"

InsertScript
Created byInsertScript
Created Sep 19, 2024
Updated May 27, 2025

Tweet
Detecting browser...
CategoryEntity Parsing
VisibilityPublic
TypeXSS
CharsetUTF-8
$[data1] placeholderhtml_entities
Template used:
<a href="/$[data1]/test.com/" id=x></a>
Code used after fuzz:
if(x.host == "test.com")log('$[data1]')

Sample payloads

<a href="/&bsol;/test.com/" id=x></a>
<a href="/&NewLine;/test.com/" id=x></a>
<a href="/&sol;/test.com/" id=x></a>
<a href="/&Tab;/test.com/" id=x></a>

Fuzz results

Chrome logo
Chrome 148.0.0.0 desktop Windows NT 10.0
Updated15 Mar 2026
Found 1 result
Loading...
Chrome logo
Chrome 131.0.0.0 desktop Windows NT 10.0older version
Updated19 Sept 2024
Found 4 results
Loading...
Firefox logo
Firefox 149.0 desktop macOS 10.15
Updated3 Apr 2026
Found 4 results
Loading...
Firefox logo
Firefox 148.0 desktop Windows NT 10.0older version
Updated23 Feb 2026
Found 1 result
Loading...
Edge logo
Microsoft Edge 146.0.0.0 desktop Windows NT 10.0
Updated3 Apr 2026
Found 4 results
Loading...

Distributed Fuzzing

Enabled:
Status:disconnected
Your browser automatically contributes to distributed fuzzing when idle.