-
Notifications
You must be signed in to change notification settings - Fork 77
How to read tables
Ohpe edited this page Jan 29, 2016
·
1 revision
Tables contents describe output given some input. Headers are:
- source: JavaScript object name
- browser: Browser Name
- version: Browser version tested
- pathInfo: characters that are not urlencoded in the pathInfo part
- Search: characters that are not urlencoded in the search part
- Hash: characters that are not urlencoded in the hash part
- output sample: A sample of the output given by getting the property, if needed.
Sometimes you'll find something like [A-B], that means that it has to be considered the whole interval of ascii characters from A to B.
The missing characters in the table elements are to be considered urlencoded, if described otherwise and excluding /[a-z0-9]/i
Finally, some interesting characters are bold.
- Home
- Sources
-
Sinks
- Direct Execution Sinks
- Set Object Sinks
- HTML Manipulation Sinks
- Style Sinks
- XMLHttpRequest Sink
- Set Cookie Sink
- Set Location Sink
- Control Flow Sink
- [Use of Equality And Strict Equality](Use of Equality And Strict Equality)
- Math.random Sink
- JSON Sink
- XML Sink
- [Common JavaScript libraries](Common JavaScript libraries)
- String Manipulation Methods
- Local DOMXSS
- Finding DOMXSS
- Object Shadowing
- Filters
- Glossary
- References