diff --git a/css-layout.js b/css-layout.js index dba6baa..16994d4 100644 --- a/css-layout.js +++ b/css-layout.js @@ -1,4 +1,9 @@ // tiny CSS layout "debugger" // from https://gist.github.com/addyosmani/fd3999ea7fce242756b1 // puts random color border around each element -[].forEach.call($$("*"),function(a){a.style.outline="1px solid #"+(~~(Math.random()*(1<<24))).toString(16)}) +/* global $$ */ +/* jshint -W016 */ +[].forEach.call($$('*'), + function (a) { + a.style.outline = '1px solid #' + (~~(Math.random() * (1 << 24))).toString(16); + }); diff --git a/harlem-shake-xss.js b/harlem-shake-xss.js index 5b01833..c948d52 100644 --- a/harlem-shake-xss.js +++ b/harlem-shake-xss.js @@ -1,2 +1,5 @@ // ready to dance, from https://github.com/DinisCruz/XSS-Pocs/blob/master/pocs/dance-xss.js -eval(atob(`IWZ1bmN0aW9uKCl7ZnVuY3Rpb24gYSgpe3ZhciBhPWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoImxpbmsiKTthLnNldEF0dHJpYnV0ZSgidHlwZSIsInRleHQvY3NzIiksYS5zZXRBdHRyaWJ1dGUoInJlbCIsInN0eWxlc2hlZXQiKSxhLnNldEF0dHJpYnV0ZSgiaHJlZiIsdyksYS5zZXRBdHRyaWJ1dGUoImNsYXNzIix4KSxkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGEpfWZ1bmN0aW9uIGIoKXtmb3IodmFyIGE9ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZSh4KSxiPTA7YjxhLmxlbmd0aDtiKyspZG9jdW1lbnQuYm9keS5yZW1vdmVDaGlsZChhW2JdKX1mdW5jdGlvbiBjKCl7dmFyIGE9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iik7YS5zZXRBdHRyaWJ1dGUoImNsYXNzIix2KSxkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGEpLHNldFRpbWVvdXQoZnVuY3Rpb24oKXtkb2N1bWVudC5ib2R5LnJlbW92ZUNoaWxkKGEpfSwxMDApfWZ1bmN0aW9uIGQoYSl7cmV0dXJue2hlaWdodDphLm9mZnNldEhlaWdodCx3aWR0aDphLm9mZnNldFdpZHRofX1mdW5jdGlvbiBlKGEpe3ZhciBiPWQoYSk7cmV0dXJuIGIuaGVpZ2h0Pm4mJmIuaGVpZ2h0PHAmJmIud2lkdGg+byYmYi53aWR0aDxxfWZ1bmN0aW9uIGYoYSl7Zm9yKHZhciBiPWEsYz0wO2I7KWMrPWIub2Zmc2V0VG9wLGI9Yi5vZmZzZXRQYXJlbnQ7cmV0dXJuIGN9ZnVuY3Rpb24gZygpe3ZhciBhPWRvY3VtZW50LmRvY3VtZW50RWxlbWVudDtyZXR1cm4gd2luZG93LmlubmVyV2lkdGg/d2luZG93LmlubmVySGVpZ2h0OmEmJiFpc05hTihhLmNsaWVudEhlaWdodCk/YS5jbGllbnRIZWlnaHQ6MH1mdW5jdGlvbiBoKCl7cmV0dXJuIHdpbmRvdy5wYWdlWU9mZnNldD93aW5kb3cucGFnZVlPZmZzZXQ6TWF0aC5tYXgoZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LnNjcm9sbFRvcCxkb2N1bWVudC5ib2R5LnNjcm9sbFRvcCl9ZnVuY3Rpb24gaShhKXt2YXIgYj1mKGEpO3JldHVybiBiPj16JiZiPD15K3p9ZnVuY3Rpb24gaigpe3ZhciBhPWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoImF1ZGlvIik7YS5zZXRBdHRyaWJ1dGUoImNsYXNzIix4KSxhLnNyYz1yLGEubG9vcD0hMSxhLmFkZEV2ZW50TGlzdGVuZXIoImNhbnBsYXkiLGZ1bmN0aW9uKCl7c2V0VGltZW91dChmdW5jdGlvbigpe2soQil9LDUwMCksc2V0VGltZW91dChmdW5jdGlvbigpe20oKSxjKCk7Zm9yKHZhciBhPTA7YTxFLmxlbmd0aDthKyspbChFW2FdKX0sMTU1MDApfSwhMCksYS5hZGRFdmVudExpc3RlbmVyKCJlbmRlZCIsZnVuY3Rpb24oKXttKCksYigpfSwhMCksYS5pbm5lckhUTUw9IiA8cD5JZiB5b3UgYXJlIHJlYWRpbmcgdGhpcywgaXQgaXMgYmVjYXVzZSB5b3VyIGJyb3dzZXIgZG9lcyBub3Qgc3VwcG9ydCB0aGUgYXVkaW8gZWxlbWVudC4gV2UgcmVjb21tZW5kIHRoYXQgeW91IGdldCBhIG5ldyBicm93c2VyLjwvcD4gPHA+Iixkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGEpLGEucGxheSgpfWZ1bmN0aW9uIGsoYSl7YS5jbGFzc05hbWUrPSIgIitzKyIgIit0fWZ1bmN0aW9uIGwoYSl7YS5jbGFzc05hbWUrPSIgIitzKyIgIit1W01hdGguZmxvb3IoTWF0aC5yYW5kb20oKSp1Lmxlbmd0aCldfWZ1bmN0aW9uIG0oKXtmb3IodmFyIGE9ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShzKSxiPW5ldyBSZWdFeHAoIlxiIitzKyJcYiIpLGM9MDtjPGEubGVuZ3RoOylhW2NdLmNsYXNzTmFtZT1hW2NdLmNsYXNzTmFtZS5yZXBsYWNlKGIsIiIpfWZvcih2YXIgbj0zMCxvPTMwLHA9MzUwLHE9MzUwLHI9Ii8vczMuYW1hem9uYXdzLmNvbS9tb292d2ViLW1hcmtldGluZy9wbGF5Z3JvdW5kL2hhcmxlbS1zaGFrZS5tcDMiLHM9Im13LWhhcmxlbV9zaGFrZV9tZSIsdD0iaW1fZmlyc3QiLHU9WyJpbV9kcnVuayIsImltX2Jha2VkIiwiaW1fdHJpcHBpbiIsImltX2Jsb3duIl0sdj0ibXctc3Ryb2JlX2xpZ2h0Iix3PSIvL3MzLmFtYXpvbmF3cy5jb20vbW9vdndlYi1tYXJrZXRpbmcvcGxheWdyb3VuZC9oYXJsZW0tc2hha2Utc3R5bGUuY3NzIix4PSJtd19hZGRlZF9jc3MiLHk9ZygpLHo9aCgpLEE9ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoIioiKSxCPW51bGwsQz0wO0M8QS5sZW5ndGg7QysrKXt2YXIgRD1BW0NdO2lmKGUoRCkmJmkoRCkpe0I9RDticmVha319aWYobnVsbD09PUQpcmV0dXJuIHZvaWQgY29uc29sZS53YXJuKCJDb3VsZCBub3QgZmluZCBhIG5vZGUgb2YgdGhlIHJpZ2h0IHNpemUuIFBsZWFzZSB0cnkgYSBkaWZmZXJlbnQgcGFnZS4iKTthKCksaigpO2Zvcih2YXIgRT1bXSxDPTA7QzxBLmxlbmd0aDtDKyspe3ZhciBEPUFbQ107ZShEKSYmRS5wdXNoKEQpfX0oKSxjb25zb2xlLmxvZygiRGFuY2Ugc2hvdWxkIHN0YXJ0IGFueSBtaW51dGUgbm93IiksaGlzdG9yeS5wdXNoU3RhdGUoe30sInNlY3VyZSIsIi9ub3RoaW5nL3RvL3NlZS9oZXJlLmh0bWwiKTs=`)) +/* jshint -W101 */ +/* jshint -W061 */ +/* eslint no-eval:0 */ +eval(atob('IWZ1bmN0aW9uKCl7ZnVuY3Rpb24gYSgpe3ZhciBhPWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoImxpbmsiKTthLnNldEF0dHJpYnV0ZSgidHlwZSIsInRleHQvY3NzIiksYS5zZXRBdHRyaWJ1dGUoInJlbCIsInN0eWxlc2hlZXQiKSxhLnNldEF0dHJpYnV0ZSgiaHJlZiIsdyksYS5zZXRBdHRyaWJ1dGUoImNsYXNzIix4KSxkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGEpfWZ1bmN0aW9uIGIoKXtmb3IodmFyIGE9ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZSh4KSxiPTA7YjxhLmxlbmd0aDtiKyspZG9jdW1lbnQuYm9keS5yZW1vdmVDaGlsZChhW2JdKX1mdW5jdGlvbiBjKCl7dmFyIGE9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iik7YS5zZXRBdHRyaWJ1dGUoImNsYXNzIix2KSxkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGEpLHNldFRpbWVvdXQoZnVuY3Rpb24oKXtkb2N1bWVudC5ib2R5LnJlbW92ZUNoaWxkKGEpfSwxMDApfWZ1bmN0aW9uIGQoYSl7cmV0dXJue2hlaWdodDphLm9mZnNldEhlaWdodCx3aWR0aDphLm9mZnNldFdpZHRofX1mdW5jdGlvbiBlKGEpe3ZhciBiPWQoYSk7cmV0dXJuIGIuaGVpZ2h0Pm4mJmIuaGVpZ2h0PHAmJmIud2lkdGg+byYmYi53aWR0aDxxfWZ1bmN0aW9uIGYoYSl7Zm9yKHZhciBiPWEsYz0wO2I7KWMrPWIub2Zmc2V0VG9wLGI9Yi5vZmZzZXRQYXJlbnQ7cmV0dXJuIGN9ZnVuY3Rpb24gZygpe3ZhciBhPWRvY3VtZW50LmRvY3VtZW50RWxlbWVudDtyZXR1cm4gd2luZG93LmlubmVyV2lkdGg/d2luZG93LmlubmVySGVpZ2h0OmEmJiFpc05hTihhLmNsaWVudEhlaWdodCk/YS5jbGllbnRIZWlnaHQ6MH1mdW5jdGlvbiBoKCl7cmV0dXJuIHdpbmRvdy5wYWdlWU9mZnNldD93aW5kb3cucGFnZVlPZmZzZXQ6TWF0aC5tYXgoZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LnNjcm9sbFRvcCxkb2N1bWVudC5ib2R5LnNjcm9sbFRvcCl9ZnVuY3Rpb24gaShhKXt2YXIgYj1mKGEpO3JldHVybiBiPj16JiZiPD15K3p9ZnVuY3Rpb24gaigpe3ZhciBhPWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoImF1ZGlvIik7YS5zZXRBdHRyaWJ1dGUoImNsYXNzIix4KSxhLnNyYz1yLGEubG9vcD0hMSxhLmFkZEV2ZW50TGlzdGVuZXIoImNhbnBsYXkiLGZ1bmN0aW9uKCl7c2V0VGltZW91dChmdW5jdGlvbigpe2soQil9LDUwMCksc2V0VGltZW91dChmdW5jdGlvbigpe20oKSxjKCk7Zm9yKHZhciBhPTA7YTxFLmxlbmd0aDthKyspbChFW2FdKX0sMTU1MDApfSwhMCksYS5hZGRFdmVudExpc3RlbmVyKCJlbmRlZCIsZnVuY3Rpb24oKXttKCksYigpfSwhMCksYS5pbm5lckhUTUw9IiA8cD5JZiB5b3UgYXJlIHJlYWRpbmcgdGhpcywgaXQgaXMgYmVjYXVzZSB5b3VyIGJyb3dzZXIgZG9lcyBub3Qgc3VwcG9ydCB0aGUgYXVkaW8gZWxlbWVudC4gV2UgcmVjb21tZW5kIHRoYXQgeW91IGdldCBhIG5ldyBicm93c2VyLjwvcD4gPHA+Iixkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGEpLGEucGxheSgpfWZ1bmN0aW9uIGsoYSl7YS5jbGFzc05hbWUrPSIgIitzKyIgIit0fWZ1bmN0aW9uIGwoYSl7YS5jbGFzc05hbWUrPSIgIitzKyIgIit1W01hdGguZmxvb3IoTWF0aC5yYW5kb20oKSp1Lmxlbmd0aCldfWZ1bmN0aW9uIG0oKXtmb3IodmFyIGE9ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShzKSxiPW5ldyBSZWdFeHAoIlxiIitzKyJcYiIpLGM9MDtjPGEubGVuZ3RoOylhW2NdLmNsYXNzTmFtZT1hW2NdLmNsYXNzTmFtZS5yZXBsYWNlKGIsIiIpfWZvcih2YXIgbj0zMCxvPTMwLHA9MzUwLHE9MzUwLHI9Ii8vczMuYW1hem9uYXdzLmNvbS9tb292d2ViLW1hcmtldGluZy9wbGF5Z3JvdW5kL2hhcmxlbS1zaGFrZS5tcDMiLHM9Im13LWhhcmxlbV9zaGFrZV9tZSIsdD0iaW1fZmlyc3QiLHU9WyJpbV9kcnVuayIsImltX2Jha2VkIiwiaW1fdHJpcHBpbiIsImltX2Jsb3duIl0sdj0ibXctc3Ryb2JlX2xpZ2h0Iix3PSIvL3MzLmFtYXpvbmF3cy5jb20vbW9vdndlYi1tYXJrZXRpbmcvcGxheWdyb3VuZC9oYXJsZW0tc2hha2Utc3R5bGUuY3NzIix4PSJtd19hZGRlZF9jc3MiLHk9ZygpLHo9aCgpLEE9ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoIioiKSxCPW51bGwsQz0wO0M8QS5sZW5ndGg7QysrKXt2YXIgRD1BW0NdO2lmKGUoRCkmJmkoRCkpe0I9RDticmVha319aWYobnVsbD09PUQpcmV0dXJuIHZvaWQgY29uc29sZS53YXJuKCJDb3VsZCBub3QgZmluZCBhIG5vZGUgb2YgdGhlIHJpZ2h0IHNpemUuIFBsZWFzZSB0cnkgYSBkaWZmZXJlbnQgcGFnZS4iKTthKCksaigpO2Zvcih2YXIgRT1bXSxDPTA7QzxBLmxlbmd0aDtDKyspe3ZhciBEPUFbQ107ZShEKSYmRS5wdXNoKEQpfX0oKSxjb25zb2xlLmxvZygiRGFuY2Ugc2hvdWxkIHN0YXJ0IGFueSBtaW51dGUgbm93IiksaGlzdG9yeS5wdXNoU3RhdGUoe30sInNlY3VyZSIsIi9ub3RoaW5nL3RvL3NlZS9oZXJlLmh0bWwiKTs='));