35 lines
883 B
HTML
35 lines
883 B
HTML
<html>
|
||
<head>
|
||
<meta http-equiv="Content-Type" content="text/html; charset=Shift_JIS">
|
||
<script>
|
||
if (window.testRunner)
|
||
testRunner.dumpAsText();
|
||
|
||
var test = "Passed";
|
||
|
||
function runTest() {
|
||
var t = document.getElementById("input1");
|
||
if (document.all) {
|
||
t.fireEvent("onchange");
|
||
} else {
|
||
var evt = document.createEvent("HTMLEvents");
|
||
evt.initEvent("change",true,true);
|
||
t.dispatchEvent(evt);
|
||
}
|
||
|
||
var r = document.getElementById("result");
|
||
|
||
if (test=="Passed")
|
||
r.innerHTML = "Passed";
|
||
else
|
||
r.innerHTML = "Failed";
|
||
}
|
||
</script>
|
||
</head>
|
||
<body onload="runTest();">
|
||
<p>Test if an invalid multi-byte sequence is onverconsumed leading to an
|
||
XSS vector</p>
|
||
<input id="input1" src="" type="xss<73>">ABCD" onchange="test='Failed'" using malformed byte sequence 0x83 0x22<br>
|
||
<div id="result"></div>
|
||
</body>
|