Url parsing diff b/w window.open and new URL

Trying to bypass a check implemented like this try { parsedUrl = new URL(url) // do some checks protocol,host } catch(e){ // fine we can use it simply window.open(url) }

Created on: Friday, February 21, 2025 at 8:47:03 AM

Updated on: Friday, February 21, 2025 at 10:23:44 PM

Vector type: JS

Vector charset: UTF-8

char = String.fromCodePoint($[i],$[j])
url = "javascript://"+char+"google.com"

try {
    new URL(url)
}
catch(e){
   pwn(url,char)
 }

function pwn(url,char){
   try{
 window.open(url)
 console.log("shirley");
log($[i],$[j])
 }catch(e){
}
}