# XSS Bypass

## Introduction

For those new to Cross-Site Scripting (XSS) attacks, it is essential to first understand the fundamental concepts before exploring filter bypass techniques.

***

## Alternatives to `alert()`

Many web applications block the `alert()` function to mitigate XSS attacks. Below are alternative functions that can be used:

* **`confirm()`** instead of `alert()`
* **`prompt()`** instead of `alert()`
* **`console.log()`** instead of `alert()`
* **`eval()`** instead of `alert()`

***

## Alternatives to the `onerror` Event Handler

If the `onerror` event handler is blocked, the following alternatives can be used to trigger JavaScript execution:

* **`onload`**
* **`onfocus`**
* **`onmouseover`**
* **`onblur`**
* **`onclick`**
* **`onscroll`**

These event handlers can be embedded within HTML elements to execute scripts when the event is triggered.

***

## Handling Parentheses Filtering

If parentheses `()` are filtered, backticks (`` ` ``) can be used instead: a JavaScript tagged template literal such as `alert`1`` invokes the function without any parentheses. Examples:

```html
<script>alert`1`</script>
<img src=x onerror=alert`1`>
<img src=x onerror=prompt`1`>
javascript:prompt`1`
javascript:alert`1`
```

This method is effective against weak input sanitization mechanisms that only block standard function calls enclosed in parentheses.
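As an added example (not code from the original page), the following JavaScript contrasts a denylist sanitizer of the kind this section describes with context-aware HTML encoding, using the page's own payloads as constructed test inputs; the function names are assumptions.

```javascript
// Added example: a denylist filter that only blocks parenthesised calls
// versus HTML-encoding untrusted input for the context it lands in.

// Weak approach: block the obvious "name(" pattern and nothing else.
function denylistFilter(input) {
  return /(alert|prompt|confirm)\s*\(/i.test(input) ? "" : input;
}

// Robust approach: encode every character that could start markup, an
// attribute, a string or a template literal, so the browser treats the
// input as text in both element and attribute context.
function htmlEncode(input) {
  return input.replace(/[&<>"'`=\/]/g, (c) => "&#" + c.charCodeAt(0) + ";");
}

// Constructed inputs, taken from the payloads listed on this page.
const PAYLOADS = [
  "<script>alert(1)</script>",      // parenthesised call: denylist catches it
  "<script>alert`1`</script>",      // tagged template: denylist misses it
  "<img src=x onerror=prompt`1`>",  // handler attribute: denylist misses it
];

// Reviewer check on sanitizer output: does anything remain that a browser
// could parse as a tag, an event-handler attribute or a template literal?
function looksExecutable(output) {
  return /<|on\w+\s*=|`/.test(output);
}

// Run every payload through a sanitizer and report which ones survive.
function evaluate(sanitizer) {
  return PAYLOADS.map((p) => looksExecutable(sanitizer(p)));
}

console.log("denylist:", evaluate(denylistFilter)); // [false, true, true]
console.log("encode:  ", evaluate(htmlEncode));     // [false, false, false]
```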

***

## Additional Resources

For further learning and reference, the following resources provide comprehensive details on XSS filter evasion techniques:

1. **PortSwigger XSS Cheat Sheet** - [Visit PortSwigger](https://portswigger.net/web-security/cross-site-scripting/cheat-sheet)
2. **OWASP XSS Filter Evasion Cheat Sheet** - [Visit OWASP](https://owasp.org/www-community/xss-filter-evasion-cheatsheet)

***

## Contact Information

For discussions and insights, you can connect with:

* [**@Fani Malik**](https://twitter.com/fanimalikhack/)

***

*Enhanced and reformatted for HowToHunt repository by* [*remonsec*](https://x.com/remonsec)
