The XSS Sandbox


order(lowest first)
Max. String lenght (0 = unlimited, the rest will be cut off)
string replace #1 with
regex replace #1 with
base64 decode?
strip slashes?
add slashes?
add slashes? (again)
urldecode?
urlencode?
urlencode all characters?
htmlspecialchars?
htmlentities? (encodes things like ö as well)
html decimal encode all?
html hex encode all?
string replace #2 with
regex replace #2 with
regex replace #3 with
base64 encode?
wrap around: [cont] gets replaced with the content

headers: (seperated by newlines)

do not return the content as raw HTML