OLD | NEW |
1 <? | 1 <? |
| 2 header("X-XSS-Protection: 1"); |
2 header("Content-Type: text/html; charset=utf-8"); | 3 header("Content-Type: text/html; charset=utf-8"); |
3 ?> | 4 ?> |
4 <!-- <?php | 5 <!-- <?php |
5 # Spam a bunch of As to make sure we blow past any buffers. | 6 # Spam a bunch of As to make sure we blow past any buffers. |
6 print str_repeat("A", 2048); | 7 print str_repeat("A", 2048); |
7 ?> --> | 8 ?> --> |
8 <body> | 9 <body> |
9 <?php | 10 <?php |
10 print "<a ona"; | 11 print "<a ona"; |
11 print str_repeat("a", 2000); | 12 print str_repeat("a", 2000); |
12 | 13 |
13 flush(); | 14 flush(); |
14 usleep(200000); | 15 usleep(200000); |
15 | 16 |
16 print "click=alert(1) ttt>"; | 17 print "click=alert(1) ttt>"; |
17 ?> | 18 ?> |
18 Done. | 19 Done. |
OLD | NEW |