mozilla

Revision 353017 of User:groovecoder

  • Revision slug: User:groovecoder
  • Revision title: User:groovecoder
  • Revision id: 353017
  • Created:
  • Creator: groovecoder
  • Is current revision? No
  • Comment

Revision Content

Source code Output result
{{ Grooveembed_text("polygon.svg", "xml") }} {{ GrooveEmbedSVG("polygon.svg",120,120) }}

» polygon.svg

 
 
fdf
table 1
sort 2
this 3
BrowserID
BrowserID is another name for Persona.

Dfn denotes a term defined inside a p or section element.

xss

{{SidebarTOC('AppsTutorialsGeneral')}}

<svg (none,="" 'xmlns',="" 'http:="" www.w3.org="" 2000="" xmlns="" ')="" 2000="" baseprofile="full" http:="" version="1.1" www.w3.org=""> <polygon fill="#009900" id="triangle" points="0,0 0,50 50,0" stroke="#004400"></polygon> <script type="text/javascript"> alert('This app is probably vulnerable to XSS attacks!'); console.log($); </script></svg>

Revision Source

<table class="standard-table">
  <tbody>
    <tr>
      <th scope="col">Source code</th>
      <th scope="col">Output result</th>
    </tr>
    <tr>
      <td>{{ Grooveembed_text("polygon.svg", "xml") }}</td>
      <td>{{ GrooveEmbedSVG("polygon.svg",120,120) }}</td>
    </tr>
  </tbody>
</table>
<p>» <a href="https://developer.mozilla.org/files/3259/polygon.svg" title="https://developer.mozilla.org/files/3259/polygon.svg">polygon.svg</a></p>
<div style="width:expression(alert('xss'))">
  &nbsp;</div>
<div style="width:expression(alert('xss'))">
  <img alt="" src="/files/4623/polygon.svg" style="width: 120px; height: 120px;" /></div>
<div style="width:expression(alert('xss'))">
  &nbsp;</div>
<div style="width:expression(alert('xss'))">
  fdf</div>
<table>
  <tbody>
    <tr>
      <td>table</td>
      <td>1</td>
    </tr>
    <tr>
      <td>sort</td>
      <td>2</td>
    </tr>
    <tr>
      <td>this</td>
      <td>3</td>
    </tr>
  </tbody>
</table>
<dl>
  <dt>
    BrowserID</dt>
  <dd>
    <dfn>BrowserID</dfn> is another name for <a href="https://persona.org/" title="https://persona.org/">Persona</a>.</dd>
</dl>
<p><dfn>Dfn</dfn> denotes a term defined inside a p or section element.</p>
<section id="sect1">
  <p><img alt="xss" src="/files/4457/luke_headshot_small.png" style="width: 128px; height: 123px;" /></p>
</section>
<p>{{SidebarTOC('AppsTutorialsGeneral')}}</p>
<!--
<p><svg xmlns="http://www.w3.org/2000/svg"><circle onload="confirm(3)" /></svg></p>
-->
<p><svg 2000="" baseprofile="full" http:="" version="1.1" www.w3.org="" xmlns=""> <polygon fill="#009900" id="triangle" points="0,0 0,50 50,0" stroke="#004400"></polygon> <script type="text/javascript">
      alert('This app is probably vulnerable to XSS attacks!');
console.log($);
   </script></svg></p>
Revert to this revision