1
1
1Characters ignored in URL, which yield in the same host property. Additionally it checks if the HTML a tag parses anything differently. This is just a simple modification of another fuzzing vector by hansmachine. It should not produce any results
if (new URL("https://a.com$[chr]/b").host=="a.com"){0x0D
var t=document.createElement("a");0x0D
t.href="https://a.com$[chr]/b";0x0D
if (t.host != "a.com")0x0D
{0x0D
log($[i]);0x0D
}0x0D
}0x0D
if (new URL("https://$[chr]a.com/b").host=="a.com"){0x0D
var t=document.createElement("a");0x0D
t.href="https://$[chr]a.com/b";0x0D
if (t.host != "a.com")0x0D
{0x0D
log($[i]);0x0D
}0x0D
}