From c0e75387c5ce436f03f4775fad76d799a4bd8db2 Mon Sep 17 00:00:00 2001
From: mehmet salih bindak <mehmetsalihbindak@gmail.com>
Date: Sun, 25 Apr 2021 16:29:56 +0300
Subject: [PATCH] add <h1>

When I was start to BB, I did the what kxss do, manually. One day saw a case that, <>'" characters are encoding, but the tags didn't. So I could inject <svg onload=alert(1) easily. I really don't know why but I think adding a basic tag (like <h1>) will cover this case also.

Have a nice day!
---
 kxss/main.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kxss/main.go b/kxss/main.go
index 77a2102..886d985 100644
--- a/kxss/main.go
+++ b/kxss/main.go
@@ -73,7 +73,7 @@ func main() {
 	})
 
 	done := makePool(charChecks, func(c paramCheck, output chan paramCheck) {
-		for _, char := range []string{"\"", "'", "<", ">"} {
+		for _, char := range []string{"\"", "'", "<", ">","<h1>"} {
 			wasReflected, err := checkAppend(c.url, c.param, "aprefix"+char+"asuffix")
 			if err != nil {
 				fmt.Fprintf(os.Stderr, "error from checkAppend for url %s with param %s with %s: %s", c.url, c.param, char, err)