Title |
Test
Find
Detect Javascript
|
Expression |
<script.*/*>|</script>|<[a-zA-Z][^>]*=['"]+javascript:\w+.*['"]+>|<\w+[^>]*\son\w+=.*[ /]*> |
Description |
Matches any opening or closing script tags, inline javascript: tags, inline on<function> (ex: onClick) tags.
MATCHES:
<a href="javascript:alert('test0');">
<a href='javascript:alert("test1");'>
<a href="#" onClick="alert('test2');" />
<script language="javascript" src="somewhere.js">
<script language="javascript" src="somewhere.js" />
<script>
</script> |
Matches |
<a href="javascript:alert('test0');"> or <a href="#" onClick="alert('test');" /> etc... |
Non-Matches |
This should not appear because in javascript: you can use the < operator or the > operator. |
Author |
Rating:
Not yet rated.
Denny Love
|
Source |
|
Your Rating |
|
Title: very nice
Name: stagl
Date: 10/15/2009 1:00:43 PM
Comment:
well thought out!