299
299
47
47Characters ignored in URL, which yield in the same host property. This is just a simple modification of another fuzzing vector by hansmachine
if (new URL("https://google.com$[chr]$[chr]/endpoint").host=="google.com"){log($[i])}if (new URL("https://google.com0x090x09/endpoint").host=="google.com"){alert(9)}if (new URL("https://google.com##/endpoint").host=="google.com"){alert(35)}if (new URL("https://google.com///endpoint").host=="google.com"){alert(47)}if (new URL("https://google.com??/endpoint").host=="google.com"){alert(63)}if (new URL("https://google.com\\/endpoint").host=="google.com"){alert(92)}if (new URL("https://google.com/endpoint").host=="google.com"){alert(173)}if (new URL("https://google.com͏͏/endpoint").host=="google.com"){alert(847)}if (new URL("https://google.comᅟᅟ/endpoint").host=="google.com"){alert(4447)}if (new URL("https://google.comᅠᅠ/endpoint").host=="google.com"){alert(4448)}if (new URL("https://google.com឴឴/endpoint").host=="google.com"){alert(6068)}if (new URL("https://google.com឵឵/endpoint").host=="google.com"){alert(6069)}if (new URL("https://google.com᠋᠋/endpoint").host=="google.com"){alert(6155)}if (new URL("https://google.com᠌᠌/endpoint").host=="google.com"){alert(6156)}if (new URL("https://google.com᠍᠍/endpoint").host=="google.com"){alert(6157)}if (new URL("https://google.com/endpoint").host=="google.com"){alert(6158)}if (new URL("https://google.com᠏᠏/endpoint").host=="google.com"){alert(6159)}if (new URL("https://google.com/endpoint").host=="google.com"){alert(8203)}if (new URL("https://google.com/endpoint").host=="google.com"){alert(8288)}if (new URL("https://google.com/endpoint").host=="google.com"){alert(8289)}if (new URL("https://google.com/endpoint").host=="google.com"){alert(8290)}