s0md3v/XSStrike
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

temporary patch to fix invalid js payloads

Browse Source
This commit is contained in:
Somdev Sangwan
2018-11-20 23:06:25 +05:30
committed by GitHub
parent 1b6e204e66
commit 1d7e943f35
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/config.py
View File

@@ -22,7 +22,7 @@ badTags = ('iframe', 'title', 'textarea', 'noembed',
tags = ('html', 'd3v', 'a', 'details') # HTML Tags tags = ('html', 'd3v', 'a', 'details') # HTML Tags
# "Things" that can be used between js functions and breakers e.g. '};alert()// # "Things" that can be used between js functions and breakers e.g. '};alert()//
jFillings = ('-', '*', ';', '/') jFillings = (';')
# "Things" that can be used before > e.g. <tag attr=value%0dx> # "Things" that can be used before > e.g. <tag attr=value%0dx>
lFillings = ('', '%0dx') lFillings = ('', '%0dx')
# "Things" to use between event handler and = or between function and = # "Things" to use between event handler and = or between function and =