This repository was archived by the owner on Jun 2, 2021. It is now read-only.
onclick not blocked? #34
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Shouldn't this be blocking the following querystring:
?test=onclick="alert(document.cookie)"Using this ruleset it allows that through the WAF. It only blocks if you add in
<script>tags.The text was updated successfully, but these errors were encountered: