mirror of
https://github.com/mermaid-js/mermaid.git
synced 2025-11-03 20:34:20 +01:00
48 lines
1.1 KiB
HTML
48 lines
1.1 KiB
HTML
<html>
|
|
<head>
|
|
<script src="/e2e.js"></script>
|
|
<link
|
|
href="https://fonts.googleapis.com/css?family=Montserrat&display=swap"
|
|
rel="stylesheet"
|
|
/>
|
|
<style>
|
|
.malware {
|
|
position: fixed;
|
|
bottom:0;
|
|
left:0;
|
|
right:0;
|
|
height: 150px;
|
|
background: red;
|
|
color: black;
|
|
display: flex;
|
|
display: flex;
|
|
justify-content: center;
|
|
align-items: center;
|
|
font-family: monospace;
|
|
font-size: 72px;
|
|
}
|
|
</style>
|
|
<script>
|
|
function xssAttack(){
|
|
const div = document.createElement('div')
|
|
div.id = 'the-malware'
|
|
div.className = 'malware'
|
|
div.innerHTML = 'XSS Succeeded'
|
|
document.getElementsByTagName('body')[0].appendChild(div);
|
|
// const el = document.querySelector('.mermaid');
|
|
// el.parentNode.removeChild(el);
|
|
throw new Error('XSS Succeded');
|
|
}
|
|
</script>
|
|
</head>
|
|
<body>
|
|
<script src="./mermaid.js"></script>
|
|
<script>
|
|
mermaid.initialize({
|
|
startOnLoad: false,
|
|
useMaxWidth: true,
|
|
});
|
|
</script>
|
|
</body>
|
|
</html>
|