Congratulations! You’ve successfully handled a webmentioned note.
This test embeds XSS within the hcard name and time field. Clicking on
the name or title should not raise an alert.
Clicking this
should not cause an alert.
This div
should not alert.
Try clicking this link
<script>alert(“encoded-xss”)</script>
and this too. Mouse over this
should not cause an alert. This broken
should not throw an alert.
alert(“XSS4”);//
Congratulations! You’ve successfully handled a webmentioned note.
This test embeds XSS within the hcard name and time field. Clicking on
the name or title should not raise an alert.
Clicking this
should not cause an alert.
This div
should not alert.
Try clicking this link
<script>alert(“encoded-xss”)</script>
and this too.
Mouse over this
should not cause an alert. This broken
should not throw an alert.
alert(“XSS4”);//
Neither should .
Please look at the Owasp XSS prevention cheat sheet for more information.
A little webmentions test http://t.co/pJZksefJxS