mirror of
https://github.com/mermaid-js/mermaid.git
synced 2025-11-04 04:44:08 +01:00
45 lines
1.1 KiB
HTML
45 lines
1.1 KiB
HTML
<html>
|
|
<head>
|
|
<script src="/e2e.js"></script>
|
|
<link href="https://fonts.googleapis.com/css?family=Montserrat&display=swap" rel="stylesheet" />
|
|
<style>
|
|
.malware {
|
|
position: fixed;
|
|
bottom: 0;
|
|
left: 0;
|
|
right: 0;
|
|
height: 150px;
|
|
background: red;
|
|
color: black;
|
|
display: flex;
|
|
display: flex;
|
|
justify-content: center;
|
|
align-items: center;
|
|
font-family: monospace;
|
|
font-size: 72px;
|
|
}
|
|
</style>
|
|
<script>
|
|
function xssAttack() {
|
|
const div = document.createElement('div');
|
|
div.id = 'the-malware';
|
|
div.className = 'malware';
|
|
div.innerHTML = 'XSS Succeeded';
|
|
document.getElementsByTagName('body')[0].appendChild(div);
|
|
// const el = document.querySelector('.mermaid');
|
|
// el.parentNode.removeChild(el);
|
|
throw new Error('XSS Succeeded');
|
|
}
|
|
</script>
|
|
</head>
|
|
<body>
|
|
<script src="./mermaid.js"></script>
|
|
<script>
|
|
mermaid.initialize({
|
|
startOnLoad: false,
|
|
useMaxWidth: true,
|
|
});
|
|
</script>
|
|
</body>
|
|
</html>
|