OLD | NEW |
1 CONSOLE ERROR: line 4: The XSS Auditor blocked access to 'http://127.0.0.1:8000/
security/xssAuditor/resources/echo-intertag.pl?enable-full-block=1&q=%3Cscript%3
Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3E' because the source cod
e of a script was found within the request. The server sent an 'X-XSS-Protection
' header requesting this behavior. | 1 CONSOLE ERROR: line 4: The XSS Auditor blocked access to 'http://127.0.0.1:8000/
security/xssAuditor/resources/echo-intertag.pl?enable-full-block=1&q=%3Cscript%3
Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3E' because the source cod
e of a script was found within the request. The server sent an 'X-XSS-Protection
' header requesting this behavior. |
2 CONSOLE MESSAGE: line 17: PASS: Referrer is "http://127.0.0.1:8000/security/xssA
uditor/resources/echo-intertag.pl?enable-full-block=1&q=%3Cscript%3Ealert(String
.fromCharCode(0x58,0x53,0x53))%3C/script%3E" | 2 CONSOLE MESSAGE: line 19: FAIL: same-origin access threw: 'SecurityError: Failed
to read the 'contentDocument' property from 'HTMLIFrameElement': Blocked a fram
e with origin "http://127.0.0.1:8000" from accessing a cross-origin frame.'. |
| 3 ALERT: URL mismatch: '[Location object access threw exception]' vs. 'http://127.
0.0.1:8000/security/xssAuditor/resources/echo-intertag.pl?enable-full-block=1&q=
%3Cscript%3Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3E' |
3 There should be no content in the iframe below: | 4 There should be no content in the iframe below: |
4 | 5 |
5 | 6 |
6 | 7 |
7 -------- | 8 -------- |
8 Frame: 'frame' | 9 Frame: 'frame' |
9 -------- | 10 -------- |
10 | 11 |
OLD | NEW |