Client XSS Sources


URL-based DOM Property Sources

# DOM Property Value
1 location
2 location.href
3 location.pathname
4 location.search
5 location.hash
6 document.URL
7 document.documentURI
8 document.baseURI


Navigation-based DOM Property Sources

# DOM Property Value
1 window.name Not set!
2 document.referrer Not set!


Communication based Sources

# Communication Type Value
1 Ajax (XMLHTTPRequest/Fetch) No response recieved!
2 WebSocket No messages recieved!
3 Window Messaging No messages recieved!


Storage-based Sources

# Store Type Key Value
1 Cookie -
2 LocalStorage TestKey
3 SessionStorage TestKey