Characters prepended to URL host. check if difference between URL and a tag

Characters ignored in URL, which yield in the same host property. Additionally it checks if the HTML a tag parses anything differently. This is just a simple modification of another fuzzing vector by hansmachine. It should not produce any results

Created byInsertScript

Created Jan 10, 2025

Updated May 27, 2025

Detecting browser...

CategoryURL Handling

VisibilityPublic

TypeJS

CharsetUTF-8

Template used:

if (new URL("https://a.com$[chr]/b").host=="a.com"){0x0D
  var t=document.createElement("a");0x0D
  t.href="https://a.com$[chr]/b";0x0D
  if (t.host != "a.com")0x0D
  {0x0D
    log($[i]);0x0D
  }0x0D
}0x0D
if (new URL("https://$[chr]a.com/b").host=="a.com"){0x0D
  var t=document.createElement("a");0x0D
  t.href="https://$[chr]a.com/b";0x0D
  if (t.host != "a.com")0x0D
  {0x0D
    log($[i]);0x0D
  }0x0D
}

Fuzz results

Chrome 144.0.0.0 desktop Windows NT 10.0

Updated25 Jan 2026

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending

Firefox 147.0 desktop Linux

Updated1 Feb 2026

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending

Microsoft Edge 144.0.0.0 desktop Windows NT 10.0

Updated30 Jan 2026

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending

Characters prepended to URL host. check if difference between URL and a tag

Fuzz results

Distributed Fuzzing