4
4
4
4This tests for chars allowed before the colon in a Javascript uri format.
<script>window.onerror=x=>true;</script>0x0D
<base href="https://example.com" /><a href="javascript$[chr]:" id=x></a>x.protocol === 'javascript:' && log($[i])<a href="javascript0x09:" id=x></a><a href="javascript
:" id=x></a><a href="javascript0x0D:" id=x></a><a href="javascript::" id=x></a>