OLD | NEW |
1 CONSOLE ERROR: line 4: The XSS Auditor blocked access to 'http://127.0.0.1:8000/
security/xssAuditor/resources/echo-intertag.pl?test=report-script-tag-full-block
.html&enable-full-block-report=1&q=%3Cscript%3Ealert(String.fromCharCode(0x58,0x
53,0x53))%3C/script%3E%3Cp%3EIf%20you%20see%20this%20message,%20no%20JavaScript%
20alert(),%20and%20a%20dump%20of%20the%20report%20below,%20then%20the%20test%20P
ASSED.%3C/p%3E' because the source code of a script was found within the request
. The server sent an 'X-XSS-Protection' header requesting this behavior. | 1 CONSOLE ERROR: line 4: The XSS Auditor blocked access to 'http://127.0.0.1:8000/
security/xssAuditor/resources/echo-intertag.pl?test=report-script-tag-full-block
.html&enable-full-block-report=1&q=%3Cscript%3Ealert(String.fromCharCode(0x58,0x
53,0x53))%3C/script%3E%3Cp%3EIf%20you%20see%20this%20message,%20no%20JavaScript%
20alert(),%20and%20a%20dump%20of%20the%20report%20below,%20then%20the%20test%20P
ASSED.%3C/p%3E' because the source code of a script was found within the request
. The server sent an 'X-XSS-Protection' header requesting this behavior. |
2 CSP report received: | 2 CSP report received: |
3 CONTENT_TYPE: application/json | 3 CONTENT_TYPE: application/xss-auditor-report |
4 HTTP_REFERER: http://127.0.0.1:8000/security/xssAuditor/resources/echo-intertag.
pl?test=report-script-tag-full-block.html&enable-full-block-report=1&q=%3Cscript
%3Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3E%3Cp%3EIf%20you%20see%
20this%20message,%20no%20JavaScript%20alert(),%20and%20a%20dump%20of%20the%20rep
ort%20below,%20then%20the%20test%20PASSED.%3C/p%3E | 4 HTTP_REFERER: http://127.0.0.1:8000/security/xssAuditor/resources/echo-intertag.
pl?test=report-script-tag-full-block.html&enable-full-block-report=1&q=%3Cscript
%3Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3E%3Cp%3EIf%20you%20see%
20this%20message,%20no%20JavaScript%20alert(),%20and%20a%20dump%20of%20the%20rep
ort%20below,%20then%20the%20test%20PASSED.%3C/p%3E |
5 REQUEST_METHOD: POST | 5 REQUEST_METHOD: POST |
6 === POST DATA === | 6 === POST DATA === |
7 {"xss-report":{"request-url":"http://127.0.0.1:8000/security/xssAuditor/resource
s/echo-intertag.pl?test=report-script-tag-full-block.html&enable-full-block-repo
rt=1&q=%3Cscript%3Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3E%3Cp%3
EIf%20you%20see%20this%20message,%20no%20JavaScript%20alert(),%20and%20a%20dump%
20of%20the%20report%20below,%20then%20the%20test%20PASSED.%3C/p%3E","request-bod
y":""}} | 7 {"xss-report":{"request-url":"http://127.0.0.1:8000/security/xssAuditor/resource
s/echo-intertag.pl?test=report-script-tag-full-block.html&enable-full-block-repo
rt=1&q=%3Cscript%3Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3E%3Cp%3
EIf%20you%20see%20this%20message,%20no%20JavaScript%20alert(),%20and%20a%20dump%
20of%20the%20report%20below,%20then%20the%20test%20PASSED.%3C/p%3E","request-bod
y":""}} |
OLD | NEW |