173 lines
3.2 KiB
Plaintext
173 lines
3.2 KiB
Plaintext
Variations on type attribute of script tag
|
||
|
||
These scripts should execute
|
||
|
||
no type attribute executed
|
||
empty string executed
|
||
text/javascript executed
|
||
text/JAVASCRIPT executed
|
||
TEXT/JAVASCRIPT executed
|
||
'text/javascript ' executed
|
||
' text/javascript ' executed
|
||
text/jscript executed
|
||
text/ecmascript executed
|
||
text/livescript executed
|
||
text/javascript1.1 executed
|
||
text/javascript1.2 executed
|
||
text/javascript1.3 executed
|
||
application/javascript executed
|
||
application/ecmascript executed
|
||
application/x-javascript executed
|
||
These scripts should not execute
|
||
|
||
one space
|
||
text/
|
||
text/vbscript
|
||
text/vbs
|
||
text/xml
|
||
text/javascript1
|
||
text/javascript1.0 executed
|
||
text/javascript1.4 executed
|
||
text/javascript1.5 executed
|
||
text/javascript1.6
|
||
application/jscript
|
||
application/x-jscript
|
||
application/livescript
|
||
application/x-livescript
|
||
application/x-ecmascript executed
|
||
application/javascript1.2
|
||
application/x-javascript1.2
|
||
javascript
|
||
jscript
|
||
ecmascript
|
||
livescript
|
||
livescript1.1
|
||
JAVASCRIPT
|
||
JavaScript
|
||
JavaScript 1
|
||
JavaScript 1.0
|
||
JavaScript 1.1
|
||
JavaScript 1.1.1
|
||
JavaScript 1.2
|
||
JavaScript 1.3
|
||
JavaScript 1.4
|
||
JavaScript 1.5
|
||
JavaScript 1.6
|
||
JavaScript 1.7
|
||
JavaScript 1.8
|
||
JavaScript 1.9
|
||
JavaScript 2
|
||
JavaScript 2.1
|
||
JavaScript 10
|
||
JavaScript 10.0
|
||
_javascript
|
||
javascript_
|
||
javascript_1.0
|
||
javascript 1.0 x
|
||
JavaScript1
|
||
JavaScript1.0
|
||
JavaScript1.1
|
||
JavaScript1.2
|
||
JavaScript1.3
|
||
JavaScript1.4
|
||
JavaScript1.4.1
|
||
JavaScript1.5
|
||
JavaScript1.6
|
||
JavaScript1.7
|
||
1.0 javascript
|
||
' javascript '
|
||
' javascript1.1 '
|
||
' javascript '
|
||
' javascript 1.0 '
|
||
' javascript 1.0 '
|
||
jscript 1
|
||
jscript 1.0
|
||
ecmascript 1
|
||
ecmascript 1.0
|
||
livescript 1
|
||
livescript 1.0
|
||
' jscript 1.0 '
|
||
disabled_javascript
|
||
xxxjavascriptxxx
|
||
bogus
|
||
Variations on language attribute of script tag
|
||
|
||
These scripts should execute
|
||
|
||
no language attribute executed
|
||
empty string executed
|
||
jscript executed
|
||
ecmascript executed
|
||
livescript executed
|
||
javascript executed
|
||
JAVASCRIPT executed
|
||
JavaScript executed
|
||
JavaScript1.0 executed
|
||
JavaScript1.1 executed
|
||
JavaScript1.2 executed
|
||
JavaScript1.3 executed
|
||
JavaScript1.4 executed
|
||
JavaScript1.5 executed
|
||
JavaScript1.6 executed
|
||
JavaScript1.7 executed
|
||
These scripts should not execute
|
||
|
||
one space
|
||
vbscript
|
||
livescript1.1
|
||
JavaScript 1
|
||
JavaScript 1.0
|
||
JavaScript 1.1
|
||
JavaScript 1.1.1
|
||
JavaScript 1.2
|
||
JavaScript 1.3
|
||
JavaScript 1.4
|
||
JavaScript 1.5
|
||
JavaScript 1.6
|
||
JavaScript 1.7
|
||
JavaScript 1.8
|
||
JavaScript 1.9
|
||
JavaScript 2
|
||
JavaScript 2.1
|
||
JavaScript 10
|
||
JavaScript 10.0
|
||
_javascript
|
||
javascript_
|
||
javascript_1.0
|
||
javascript 1.0 x
|
||
JavaScript1
|
||
JavaScript1.8
|
||
JavaScript1.9
|
||
JavaScript1.4.1
|
||
1.0 javascript
|
||
' javascript '
|
||
' javascript1.1 '
|
||
' javascript '
|
||
' javascript 1.0 '
|
||
' javascript 1.0 '
|
||
jscript 1
|
||
jscript 1.0
|
||
ecmascript 1
|
||
ecmascript 1.0
|
||
livescript 1
|
||
livescript 1.0
|
||
' jscript 1.0 '
|
||
disabled_javascript
|
||
xxxjavascriptxxx
|
||
bogus
|
||
Variations on combined type and language attributes of script tag
|
||
|
||
These scripts should execute
|
||
|
||
empty string type, "javascript" language executed
|
||
empty string language, "text/javascript" type executed
|
||
"javascript" language, "text/javascript" type executed
|
||
"bogus" language, "text/javascript" type executed
|
||
"livescript" language, "text/javascript" type executed
|
||
"javascript1.2" language, "text/javascript" type executed
|
||
These scripts should not execute
|
||
|
||
"javascript" language, "bogus" type
|
||
empty string type, "bogus" language
|
||
empty string language, "bogus" type
|