info/big-list-of-naughty-strings
1
0
Fork 0
mirror of https://github.com/minimaxir/big-list-of-naughty-strings.git synced 2025-09-24 21:01:32 +02:00
Code Issues Releases Wiki Activity

Add backtick special character list because IE7 allows it as attribute quotes. Add basic attribute escapes to XSS list.

Browse Source
This commit is contained in:
Joseph Lennox
2015-08-10 13:48:01 -07:00
parent 637a06c7bf
commit aed81403bc
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
blns.txt
View File

@@ -40,7 +40,7 @@ Infinity
,./;'[]\-=
<>?:"{}|_+
!@#$%^&*()
!@#$%^&*()`
# Unicode Symbols
#
@@ -177,6 +177,10 @@ Z̮̞̠͙͔ͅḀ̗̞͈̻̗Ḷ͙͎̯̹̞͓G̻O̭̗̮
<script>alert('hi')</script>
<img src=x onerror=alert('hi') />
<svg><script>0<1>alert('XSS')</script>
"><script>alert(document.title)</script>
><script>alert(document.title)</script>
'><script>alert(document.title)</script>
"><script>alert(document.title)</script>
# SQL Injection
#