attackVector property

String? attackVector

The attack vector of the payload triggering this XSS. Possible string values are:

• "ATTACK_VECTOR_UNSPECIFIED" : Unknown attack vector.
• "LOCAL_STORAGE" : The attack comes from fuzzing the browser's localStorage.
• "SESSION_STORAGE" : The attack comes from fuzzing the browser's sessionStorage.
• "WINDOW_NAME" : The attack comes from fuzzing the window's name property.
• "REFERRER" : The attack comes from fuzzing the referrer property.
• "FORM_INPUT" : The attack comes from fuzzing an input element.
• "COOKIE" : The attack comes from fuzzing the browser's cookies.
• "POST_MESSAGE" : The attack comes from hijacking the post messaging mechanism.
• "GET_PARAMETERS" : The attack comes from fuzzing parameters in the url.
• "URL_FRAGMENT" : The attack comes from fuzzing the fragment in the url.
• "HTML_COMMENT" : The attack comes from fuzzing the HTML comments.
• "POST_PARAMETERS" : The attack comes from fuzzing the POST parameters.
• "PROTOCOL" : The attack comes from fuzzing the protocol.
• "STORED_XSS" : The attack comes from the server side and is stored.
• "SAME_ORIGIN" : The attack is a Same-Origin Method Execution attack via a GET parameter.
• "USER_CONTROLLABLE_URL" : The attack payload is received from a third-party host via a URL that is user-controllable

Implementation

core.String? attackVector;