Any transformation between the moment the request is received and the construction of the final HTML view can lead to filter bypass. If an HTTP parameter is URL decoded two times, it is enough to bypass the filter.
usage: bypass.py [-h] -i INPUT_FILE -o OUTPUT_FILE
bypass.py: error: the following arguments are required: -i/--input_file, -o/--output_filepython3 bypass.py -i xss.txt -o resultados.tx
