Example 6 returns unexpected false in isXssFound()
banakito opened this issue · 0 comments
banakito commented
What is this feature about (expected vs actual behaviour)?
Expected:
$harm_string = "\x3cscript src=http://www.example.com/malicious-code.js\x3e\x3c/script\x3e";
$harmless_string = $antiXss->xss_clean($harm_string);
$antiXss->isXssFound(); // true
Actual:
$antiXss->isXssFound(); // false
How can I reproduce it?
Just Execute code above
Does it take minutes, hours or days to fix?
IDK