[Piwik-svn] r1166 - trunk/tests/resources
svnmaster at piwik.org
svnmaster at piwik.org
Mon Jun 1 03:06:34 CEST 2009
Author: matt
Date: 2009-06-01 03:06:33 +0200 (Mon, 01 Jun 2009)
New Revision: 1166
Modified:
trunk/tests/resources/referer-xss.txt
Log:
Modified: trunk/tests/resources/referer-xss.txt
===================================================================
--- trunk/tests/resources/referer-xss.txt 2009-06-01 00:36:46 UTC (rev 1165)
+++ trunk/tests/resources/referer-xss.txt 2009-06-01 01:06:33 UTC (rev 1166)
@@ -9,7 +9,8 @@
always_archive_data = 1
2. go to /misc/testJavascriptTracker/ and fake the referer using, eg. RefControl options Firefox extension
-http://www.google.co.uk/search?hl=en&q=<script>alert('test');</script>
+http://www.google.co.uk/search?hl=en&q=';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
+http://example.com/';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
http://example.com/"<script>alert(''test'');</script>
http://example3.com/test>"'><script>alert('XSS')</script>
http://example.com/"><script>alert('yo')</script>
More information about the Piwik-svn
mailing list