info/big-list-of-naughty-strings
1
0
Fork 0
mirror of https://github.com/minimaxir/big-list-of-naughty-strings.git synced 2025-09-25 05:12:14 +02:00
Code Issues Releases Wiki Activity
62 Commits 1 Branch 0 Tags
896a6faf4fe0c55d3a90e339e29ee1b36d30d7bf
Commit Graph

62 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Woolf
896a6faf4f #29 2015-08-11 21:00:39 -07:00
Max Woolf
4f0ad73423 #27 2015-08-11 20:57:00 -07:00
Max Woolf
26585a7641 #24 2015-08-11 20:53:57 -07:00
Max Woolf
f5217d8ab3 edit README in light of #28 2015-08-11 20:50:29 -07:00
Max Woolf
b021962ef5 #24 2015-08-11 20:43:14 -07:00
Max Woolf
62066882b5 Null character defeated! 2015-08-11 20:41:59 -07:00
Max Woolf
ff6e9a72f1 #21; .gitattributes 2015-08-11 20:25:32 -07:00
Max Woolf
ad59ef98b3 #21; Fix .gitattributes again 2015-08-11 20:20:24 -07:00
Max Woolf
e3886d3275 Manually add strings from #9 2015-08-11 20:07:56 -07:00
Max Woolf
a03151d467 Merge branch 'jwilkins-patch-1' 2015-08-11 19:57:56 -07:00
Max Woolf
5bbd83d7c2 text 2015-08-11 19:57:30 -07:00
Max Woolf
7217042698 Merged #3 and included non-long strings in blns.txt 2015-08-11 19:41:08 -07:00
Max Woolf
c23d11ff9d Merge remote-tracking branch 'origin/master' 
Conflicts:
	blns.txt
 2015-08-11 19:22:34 -07:00
Max Woolf
0bbf309868 Add gitattributes file to force blns.txt to be text 2015-08-11 19:21:14 -07:00
Max Woolf
0a29e84481 Merge pull request #23 from sartak/master 
Add Perl's "undef"
 2015-08-11 10:29:01 -07:00
Shawn M Moore
7500c5ff3b Add Perl's "undef" 2015-08-11 13:08:49 -04:00
Max Woolf
3e856f7b93 Merge pull request #22 from JuanitoFatas/patch-1 
Fix comment [ci skip]
 2015-08-11 09:28:19 -07:00
Juanito Fatas
18c98526a6 Fix comment [ci skip] 2015-08-11 23:42:19 +08:00
Max Woolf
6b3a0a3489 Added EICAR note 2015-08-11 07:51:21 -07:00
Max Woolf
b518990120 More trick unicode from rspeer at HN 
https://news.ycombinator.com/item?id=10035723
 2015-08-10 19:16:01 -07:00
Max Woolf
d10f848922 update JSON to latest 2015-08-10 19:07:24 -07:00
Max Woolf
a564fe3113 add maintainer note 2015-08-10 19:00:57 -07:00
Max Woolf
ef23ab616c make formatting more consistent 2015-08-10 18:58:18 -07:00
Max Woolf
3a4375fc16 Merge pull request #17 from ataylor32/script-injection 
Added another line to the "Script Injection" section
 2015-08-10 18:52:17 -07:00
Adam Taylor
b191b4a2ef Added another line to the "Script Injection" section 
See https://docs.djangoproject.com/en/1.8/ref/utils/#django.utils.html.remove_tags
 2015-08-10 19:46:12 -06:00
Max Woolf
95189629fd Merge pull request #15 from 06b/patch-1 
Added Full width unicode lt/gt
 2015-08-10 18:08:27 -07:00
Adrian D. Alvarez
5fa6653a89 Added Full width unicode lt/gt 
Browsers will ignore the <script>, but if it's stored into a SQL varchar it get's converted into < and thus a persisted XSS
 2015-08-10 20:54:00 -04:00
Max Woolf
3fdbc7f944 Merge pull request #12 from jlennox/master 
Negative number validation errors. XSS attribute escapes without lt/gt/quote symbols.
 2015-08-10 14:37:45 -07:00
Joseph Lennox
9dbe44bf69 XSS attribute escapes without lt/gt/quote symbols. 2015-08-10 14:30:34 -07:00
Joseph Lennox
02e7317f73 Negative number validation errors. 2015-08-10 14:29:33 -07:00
Max Woolf
1f69f22e39 Merge pull request #11 from aesopwolf/patch-1 
Update blns.txt
 2015-08-10 14:21:59 -07:00
Aesop Wolf
4bc2f13535 Update blns.txt 2015-08-10 14:18:38 -07:00
Max Woolf
e00ffa398b Merge pull request #10 from mariusschulz/patch-1 
Adds more null strings
 2015-08-10 14:17:39 -07:00
Joseph Lennox
f594d6aa2a Negative number validation errors. 2015-08-10 14:16:11 -07:00
Marius Schulz
2769cc1e80 Adds "nil" and "NIL" 2015-08-10 23:09:28 +02:00
Max Woolf
6265464412 Merge pull request #7 from thebouv/master 
Minor typo and grammar fixes to README
 2015-08-10 14:09:06 -07:00
Max Woolf
a3f9ce6613 Merge pull request #8 from jlennox/master 
Decimal validation exceptions. Non-numeric JS numbers. IE7 backtick. Attribute escape XSS.
 2015-08-10 14:08:51 -07:00
Jonathan Wilkins
33e1224dce add MSDOS/Windows device names, more math parsing 2015-08-10 14:07:44 -07:00
Marius Schulz
3488e0597a Adds "NULL" as a naughty string 2015-08-10 23:05:19 +02:00
Joseph Lennox
746eab6d76 Remove duplicated XSS. 2015-08-10 13:59:06 -07:00
Joseph Lennox
dac244a7cc Add numbers to detect poor decimal validation -- European decimal format. 2015-08-10 13:57:51 -07:00
Anthony Bouvier
411ac4c627 Minor typo and grammar fixes to README 2015-08-10 16:48:46 -04:00
Joseph Lennox
aed81403bc Add backtick special character list because IE7 allows it as attribute quotes. Add basic attribute escapes to XSS list. 2015-08-10 13:48:01 -07:00
Joseph Lennox
637a06c7bf Add numbers to detect poor decimal validation. Add non-numeric Number types to detect poorly handled JavaScript validation. 2015-08-10 13:46:53 -07:00
Max Woolf
5376bb15b7 Merge pull request #5 from foxdan/snowman 
Unicode Snowman for You
 2015-08-10 11:43:12 -07:00
Max Woolf
99e352f1eb Merge pull request #6 from donatj/patch-1 
Adds UTF-8 4-byte chinese characters.
 2015-08-10 11:43:01 -07:00
Jesse Donat
1b844e5977 Update blns.txt 2015-08-10 13:32:56 -05:00
Jesse Donat
c13f4ac1f5 Adds UTF-8 4-byte chinese characters. 2015-08-10 13:30:36 -05:00
Dan Fox
9942b1a135 Unicode Snowman for You 2015-08-10 19:21:53 +01:00
Max Woolf
1a90a0437e Merge pull request #4 from ejcx/knowncves 
Add known vuln section.
 2015-08-10 10:54:14 -07:00