From 055187a625ac0534cf3fa72d339a53b4bce8f336 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julius=20H=C3=A4rtl?= Date: Fri, 5 Jul 2019 10:19:54 +0200 Subject: Add test vectors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- src/tests/fixtures/xssFuzzVectors.js | 49 ++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 src/tests/fixtures/xssFuzzVectors.js (limited to 'src/tests') diff --git a/src/tests/fixtures/xssFuzzVectors.js b/src/tests/fixtures/xssFuzzVectors.js new file mode 100644 index 000000000..37eb7cd43 --- /dev/null +++ b/src/tests/fixtures/xssFuzzVectors.js @@ -0,0 +1,49 @@ +/* + * @copyright Copyright (c) 2019 Julius Härtl + * + * @author Julius Härtl + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +const xssFuzzVectors = '>">&\n' + + '">\n' + + '>"\'>\n' + + '\n' + + '>%22%27>\n' + + '\'%uff1cscript%uff1ealert(\'XSS\')%uff1c/script%uff1e\'\n' + + '">\n' + + '>"\n' + + '\'\';!--"=&{()}\n' + + '\n' + + '\n' + + ' \n' + + '")>\n' + + '#115;cript:a\n' + + ' lert('XS;S')>\n' + + '#0000118as&#0000099ri&#0000112t:\n' + + ' &#0000097le&#0000114t(&#0000039XS&#0000083')>\n' + + ' \n' + + '#x63ript:&#x61lert(\n' + + ' &#x27XSS')>\n' + + '\n' + + '\n' + + '\n' + + ''; + +export default xssFuzzVectors -- cgit v1.2.3