Characters allowed javascript and colon copy2
4
Vector to check if any characters are allowed between javascript and : to still result in a javascript url.
Created by: avlidienbrunn
Created on: Sunday, September 29, 2024 at 3:23:28 PM
Updated on: Tuesday, December 10, 2024 at 5:32:46 PM
Vector type: JS
Vector charset: UTF-8
Template used:
if (new URL("javascript"+String.fromCodePoint(parseInt($[i]..toString(16),16))+":alert()").protocol=="javascript:"){log($[i])}
Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...
Sample payloads
if (new URL("javascript"+String.fromCodePoint(parseInt(9..toString(16),16))+":alert()").protocol=="javascript:"){alert(9)}
if (new URL("javascript"+String.fromCodePoint(parseInt(10..toString(16),16))+":alert()").protocol=="javascript:"){alert(10)}
if (new URL("javascript"+String.fromCodePoint(parseInt(13..toString(16),16))+":alert()").protocol=="javascript:"){alert(13)}
if (new URL("javascript"+String.fromCodePoint(parseInt(58..toString(16),16))+":alert()").protocol=="javascript:"){alert(58)}
Fuzz results
Chrome 128.0.0.0 desktop Linux
Updated
Sun Sep 29 2024
Found 4 results
Loading...