HTML elements that inherit properties which return the full URL
⚠ Browser differences
4
3
4HTML elements that inherit properties which return the full URL(including credentials & location.hash), baseURI excluded
Created by0x999-x
Created Nov 14, 2024
Updated May 27, 2025
Detecting browser...
CategoryHTML Parsing
VisibilityPublic
TypeXSS
CharsetUTF-8
$[data1] placeholderhtml
Template used:
<$[data1] id="xx">Code used after fuzz:
function getAllProperties(obj, maxDepth = 3) {0x0D
const properties = new Set();0x0D
let depth = 0;0x0D
while (obj && depth < maxDepth) {0x0D
Object.getOwnPropertyNames(obj).forEach(prop => properties.add(prop));0x0D
obj = Object.getPrototypeOf(obj);0x0D
depth += 1;0x0D
}0x0D
return [...properties];0x0D
}0x0D
const properties = getAllProperties(xx)0x0D
for (const prop of properties) {0x0D
try {0x0D
if (xx[prop].includes("shazzer")) {0x0D
0x090x090x090x090x09log('$[data1]:'+prop)0x0D
}0x0D
} catch (e) {0x0D
}0x0D
}Sample payloads
<button:formAction id="xx"><form:action id="xx"><input:formAction id="xx"><base:href id="xx">Fuzz results
Chrome 145.0.0.0 desktop macOS 10.15.7
Updated17 Feb 2026
Found 4 results
Loading...
Chrome 144.0.0.0 desktop Windows NT 10.0older version
Updated31 Jan 2026
Found 4 results
Loading...
Firefox 148.0 desktop Windows NT 10.0
Updated23 Feb 2026
Found 3 results
Loading...
Firefox 147.0 desktop Linuxolder version
Updated1 Feb 2026
Found 3 results
Loading...
Microsoft Edge 145.0.0.0 desktop Windows NT 10.0
Updated18 Feb 2026
Found 4 results
Loading...