By louis.random on Skatehive
Gist Embed XSS Verification

Test 1: Valid Gist Embed
Baseline - should render gist embed:
~ embed:fffbe6a9e9858c7e3546fb1d55782152 gist metadata:YVZvbHBlL2ZmZmJlNmE5ZTk4NThjN2UzNTQ2ZmIxZDU1NzgyMTUy ~

Test 2: JSONP Callback Injection
If alert() fires, JSONP callback injection works:
~ embed:test gist metadata:YVZvbHBlL2ZmZmJlNmE5ZTk4NThjN2UzNTQ2ZmIxZDU1NzgyMTUyLmpzb24/Y2FsbGJhY2s9YWxlcnQj ~

Test 3: Sanitizer Tests
js href x

Audit test by louis88
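A renderer-side check for the metadata field exercised by Tests 1 and 2, as an added example that is not part of the original post and not Skatehive's code. It assumes the metadata is base64 of `owner/gist-id` (what Test 1's value decodes to) and that the gist id must equal the embed id; the function name, patterns and reason strings are hypothetical.

```javascript
// Added example, not the platform's code. Runs under Node.js (uses Buffer).
// The two metadata values below are copied from Test 1 and Test 2 of the post.
const TEST1_META = "YVZvbHBlL2ZmZmJlNmE5ZTk4NThjN2UzNTQ2ZmIxZDU1NzgyMTUy";
const TEST2_META =
  "YVZvbHBlL2ZmZmJlNmE5ZTk4NThjN2UzNTQ2ZmIxZDU1NzgyMTUyLmpzb24/Y2FsbGJhY2s9YWxlcnQj";

const B64 = /^[A-Za-z0-9+\/]+={0,2}$/;
// Assumed shapes: GitHub-style owner name, gist id of 20 or 32 hex characters.
const GIST_PATH = /^([A-Za-z0-9][A-Za-z0-9-]{0,38})\/([0-9a-f]{20}|[0-9a-f]{32})$/;

function parseGistMetadata(metadata, embedId) {
  if (typeof metadata !== "string" || !B64.test(metadata)) {
    return { ok: false, reason: "not base64" };
  }
  const buf = Buffer.from(metadata, "base64");
  // Reject non-canonical encodings so each path has exactly one spelling.
  if (buf.toString("base64") !== metadata) {
    return { ok: false, reason: "non-canonical base64" };
  }
  // Anchored allowlist: '.', '?', '=', '&' and '#' cannot match, so a decoded
  // value carrying an extension, query string or fragment is refused.
  const m = GIST_PATH.exec(buf.toString("utf8"));
  if (!m) return { ok: false, reason: "unexpected characters in gist path" };
  const [, owner, id] = m;
  // Assumption: the embed id and the id inside the metadata must agree.
  if (embedId !== id) return { ok: false, reason: "embed id mismatch" };
  // Callers build any request URL from owner and id only, never by
  // appending the decoded string.
  return { ok: true, owner, id };
}

console.log(parseGistMetadata(TEST1_META, "fffbe6a9e9858c7e3546fb1d55782152"));
console.log(parseGistMetadata(TEST2_META, "test"));
```

Test 1's value passes and Test 2's value is refused before any request URL is built, which is the outcome the audit post is checking for.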