sander/notes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update sectraining.md

Browse source
This commit is contained in:
Sander Hautvast 2024-02-05 10:30:09 +01:00 committed by GitHub
parent 76f903394e
commit eb9d88de37
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
sectraining.md
View file

@ -21,11 +21,11 @@ JavaScript frameworks (e.g., Angular, React) or server-side templating systems (
#### Java
|type| java |
|---|---|
|HTML Body <div>USER-CONTROLLED-DATA</div> | `Encode.forHtml` |
|HTML Attribute <input type="text" value="USER-CONTROLLED-DATA"> |`Encode.forHtmlAttribute`|
|URL Parameter <a href="/search?value=USER-CONTROLLED-DATA">Search</a> |`Encode.forUriComponent`|
|CSS String <div style="width: USER-CONTROLLED-DATA;">Selection</div>| `Encode.forCssString`|
|CSS URL <div style="background: USER-CONTROLLED-DATA "> |`Encode.forCssUrl`|
|JavaScript Block <script>alert("USER-CONTROLLED-DATA")</script>| `Encode.forJavaScriptBlock`|
|JavaScript Variable <button onclick="alert('USER-CONTROLLED-DATA');">click me</button> |`Encode.forJavaScriptVariable`|
|---|---|---|
|HTML Body |<div>USER-CONTROLLED-DATA</div> | `Encode.forHtml` |
|HTML Attribute| <input type="text" value="USER-CONTROLLED-DATA"> |`Encode.forHtmlAttribute`|
|URL Parameter| <a href="/search?value=USER-CONTROLLED-DATA">Search</a> |`Encode.forUriComponent`|
|CSS String |<div style="width: USER-CONTROLLED-DATA;">Selection</div>| `Encode.forCssString`|
|CSS URL| <div style="background: USER-CONTROLLED-DATA "> |`Encode.forCssUrl`|
|JavaScript Block |<script>alert("USER-CONTROLLED-DATA")</script>| `Encode.forJavaScriptBlock`|
|JavaScript Variable |<button onclick="alert('USER-CONTROLLED-DATA');">click me</button> |`Encode.forJavaScriptVariable`|