Module: Google::Cloud::WebSecurityScanner::V1::Xss::AttackVector
- Defined in:
- proto_docs/google/cloud/websecurityscanner/v1/finding_addon.rb
Overview
Types of XSS attack vector.
Constant Summary collapse
- ATTACK_VECTOR_UNSPECIFIED =
Unknown attack vector.
0- LOCAL_STORAGE =
The attack comes from fuzzing the browser's localStorage.
1- SESSION_STORAGE =
The attack comes from fuzzing the browser's sessionStorage.
2- WINDOW_NAME =
The attack comes from fuzzing the window's name property.
3- REFERRER =
The attack comes from fuzzing the referrer property.
4- FORM_INPUT =
The attack comes from fuzzing an input element.
5- COOKIE =
The attack comes from fuzzing the browser's cookies.
6- POST_MESSAGE =
The attack comes from hijacking the post messaging mechanism.
7- GET_PARAMETERS =
The attack comes from fuzzing parameters in the url.
8- URL_FRAGMENT =
The attack comes from fuzzing the fragment in the url.
9- HTML_COMMENT =
The attack comes from fuzzing the HTML comments.
10- POST_PARAMETERS =
The attack comes from fuzzing the POST parameters.
11- PROTOCOL =
The attack comes from fuzzing the protocol.
12- STORED_XSS =
The attack comes from the server side and is stored.
13- SAME_ORIGIN =
The attack is a Same-Origin Method Execution attack via a GET parameter.
14- USER_CONTROLLABLE_URL =
The attack payload is received from a third-party host via a URL that is user-controllable
15