Client XSS Sources
URL-based DOM Property Sources
| # | DOM Property | Value |
|---|---|---|
| 1 | location | https://domgo.at/cxss/sources/somevalue |
| 2 | location.href | https://domgo.at/cxss/sources/somevalue |
| 3 | location.pathname | /cxss/sources/somevalue |
| 4 | location.search | |
| 5 | location.hash | |
| 6 | document.URL | https://domgo.at/cxss/sources/somevalue |
| 7 | document.documentURI | https://domgo.at/cxss/sources/somevalue |
| 8 | document.baseURI | https://domgo.at/cxss/sources/somevalue |
Navigation-based DOM Property Sources
| # | DOM Property | Value |
|---|---|---|
| 1 | window.name | Not set! |
| 2 | document.referrer | Not set! |
Communication based Sources
| # | Communication Type | Value |
|---|---|---|
| 1 | Ajax (XMLHTTPRequest/Fetch) | Some data via Ajax |
| 2 | WebSocket | No messages recieved! |
| 3 | Window Messaging | Some message from iframe via Window message |
Storage-based Sources
| # | Store Type | Key | Value |
|---|---|---|---|
| 1 | Cookie | - | Param=CookieValue |
| 2 | LocalStorage | TestKey | Test Value stored in LocalStorage |
| 3 | SessionStorage | TestKey | Test Value stored in SessionStorage |