Hello,
Firstly, I do not have any malicious intent out of this question. I would like to know what text to copy paste and test in my text areas and text boxes to see if they are stripped correctly.
Currently I use something as limited as:
<script>
alert('xss');
</script>
<a href="www.test.com" onclick="javascript:alert('xss');">test</a>
<img src="http://localhost/logo.gif" onclick="alert('xss');">
Can someone provide or suggest a comprehensive list of tests to check if my site is XSS-proof.
Thank you for your time.