Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

bypassing xss filter

ghost

0 0

18 years ago

Is there any known way to bypass filter on img form: Filter add http:// after src=, after that I can add JS, but it doesn't work because of http. Hope I explain it ok. Tnx

ghost

0 0

18 years ago

Um, I'm not quite sure what you're trying to say…try listing some examples and whatnot.

I know this article it is realy useful. I found another option to complete the same thing, but I am still interested in old question (I am not really sure it can even be bypassed). Example: I can add for example:

javascript:alert(document.cookie)

into BB img tag (with some variatons). It create output in html:

&lt;img src=&quot;http://javascript:alert(document.cookie)&quot;&gt;

As you see it add http:// which disable javascript, so I am asking for a way to bypass this.

Do you like cookies? 🍪 We use cookies to ensure you get the best experience on our website. Learn more

bypassing xss filter

Uh oh. Looks like your using an ad blocker.

ghost

ghost

ghost

ghost