Shazzer logo
Login

Entities allowed between two forward slashes

Chrome logo 1
Firefox logo 1
Edge logo 1

Quick check what entities is allowed between two slashes in regards to a protocol "//"

InsertScript
Created byInsertScript
Created Sep 19, 2024
Updated May 27, 2025

Tweet
Detecting browser...
CategoryEntity Parsing
VisibilityPublic
TypeXSS
CharsetUTF-8
$[data1] placeholderhtml_entities
Template used:
<a href="/$[data1]/test.com/" id=x></a>
Code used after fuzz:
if(x.host == "test.com")log('$[data1]')

Sample payloads

<a href="/&bsol;/test.com/" id=x></a>
<a href="/&NewLine;/test.com/" id=x></a>
<a href="/&sol;/test.com/" id=x></a>
<a href="/&Tab;/test.com/" id=x></a>

Fuzz results

Chrome logo
Chrome 144.0.0.0 desktop macOS 10.15.7
Updated31 Jan 2026
Found 1 result
Loading...
Chrome logo
Chrome 131.0.0.0 desktop Windows NT 10.0older version
Updated19 Sept 2024
Found 4 results
Loading...
Firefox logo
Firefox 147.0 desktop Linux
Updated1 Feb 2026
Found 1 result
Loading...
Edge logo
Microsoft Edge 144.0.0.0 desktop Windows NT 10.0
Updated31 Jan 2026
Found 1 result
Loading...

Distributed Fuzzing

Enabled:
Status:disconnected
Your browser automatically contributes to distributed fuzzing when idle.