diff options
-rw-r--r-- | src/xss/XSS.js | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/xss/XSS.js b/src/xss/XSS.js index 3d9068f..18630fa 100644 --- a/src/xss/XSS.js +++ b/src/xss/XSS.js @@ -179,6 +179,9 @@ var XSS = (() => { let unescapedDest = unescape(destUrl); let srcOrigin = srcObj ? srcObj.origin : ""; + if (srcOrigin === "null") { + srcOrigin = srcObj.href.replace(/[\?#].*/, ''); + } let destOrigin = destObj.origin; let isGet = method === "GET"; |