OLD | NEW |
1 CONSOLE ERROR: line 4: The XSS Auditor blocked access to 'http://127.0.0.1:8000/
security/xssAuditor/resources/echo-intertag.pl?enable-full-block=1&q=%3Cscript%3
Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3E' because the source cod
e of a script was found within the request. The server sent an 'X-XSS-Protection
' header requesting this behavior. | 1 CONSOLE ERROR: line 4: The XSS Auditor blocked access to 'http://127.0.0.1:8000/
security/xssAuditor/resources/echo-intertag.pl?enable-full-block=1&q=%3Cscript%3
Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3E' because the source cod
e of a script was found within the request. The server sent an 'X-XSS-Protection
' header requesting this behavior. |
2 CONSOLE MESSAGE: line 19: PASS: Cross-origin access threw: 'SecurityError: Faile
d to read the 'contentDocument' property from 'HTMLIFrameElement': Blocked a fra
me with origin "http://127.0.0.1:8000" from accessing a cross-origin frame.'. | 2 CONSOLE MESSAGE: line 17: PASS: Referrer is "http://127.0.0.1:8000/security/xssA
uditor/resources/echo-intertag.pl?enable-full-block=1&q=%3Cscript%3Ealert(String
.fromCharCode(0x58,0x53,0x53))%3C/script%3E" |
3 ALERT: URL mismatch: '[Location object access threw exception]' vs. 'http://127.
0.0.1:8000/security/xssAuditor/resources/echo-intertag.pl?enable-full-block=1&q=
%3Cscript%3Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3E' | |
4 There should be no content in the iframe below: | 3 There should be no content in the iframe below: |
5 | 4 |
6 | 5 |
7 | 6 |
8 -------- | 7 -------- |
9 Frame: 'frame' | 8 Frame: 'frame' |
10 -------- | 9 -------- |
11 | 10 |
OLD | NEW |