File: xsstest.html

package info (click to toggle)
modsecurity 3.0.14-1
  • links: PTS
  • area: main
  • in suites: forky, sid, trixie
  • size: 88,920 kB
  • sloc: ansic: 174,512; sh: 43,569; cpp: 26,214; python: 15,734; makefile: 3,864; yacc: 2,947; lex: 1,359; perl: 1,243; php: 42; tcl: 4
file content (35 lines) | stat: -rw-r--r-- 837 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
 
{% autoescape None %}
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>XSS TEST</title>
<meta name="viewport" content="width=device-width" />
<meta name="format-detection" content="telephone=no">
<link rel="icon" type="image/gif" href="/static/favicon.gif" />
<style>
body { font-family: sans-serif; width: 640px; }
textarea { width: 100% }
table { width: 100% }
td { font-family: monospace; vertical-align: top }
th { text-align: left }
.red { background-color: #FFaaaa; overflow: hidden }
.green { background-color: #aaFFaa }
</style>
<script>
function alert() { document.write("YES"); }
</script>
</head>
<body>
<h1>XSS Test</h1>

<div><div>{{ args[1] }}</div></div>

<div><div style="background:{{ args[2] }}"></div></div>

<div><div {{ args[3] }}></div></div>

<div><div foo='{{ args[4] }}'></div></div>

</body>
</html>