
Little HTML event attributes fuzzer

a guest
Feb 28th, 2016
  1. <!DOCTYPE html>
  2. <html>
  3. <head>
  4. <title>Little HTML event attributes fuzzer - @qab</title>
  5. </head>
  6. <body>
  7. <textarea id="qText" rows="30" cols="30" spellcheck="false" ></textarea>
  8. <input type="button" id="qButt" value="Fuzz"/>
  9.  
  10. <textarea id="qVectors" rows="30" cols="40" spellcheck="false"></textarea>
  11. <br/>
  12. <iframe id="qFrame" width="500px" height="500px" sandbox="allow-forms allow-popups allow-scripts allow-same-origin allow-modals"></iframe>
  13. <script>
  // qVectors is the <textarea id="qVectors"> in the markup, reached through the
  // browser's named-element global. Start every page load with an empty pane.
  qVectors.value = '';

  // Every distinct property name starting with "on" found so far, in
  // discovery order. Filled by getAllEvents().
  var qEvents = [];

  // Tag names passed to document.createElement() when collecting handler
  // names and again when building one test document per tag. The list mixes
  // upper and lower case and repeats a few elements under two spellings
  // ("Picture"/"picture", "Image"/"img"); order and spelling are kept exactly.
  // "Qabandi" is not a standard element name - presumably it is there to cover
  // unknown elements (confirm with the author).
  var qTags = [
    'a', 'Area', 'Audio', 'BR', 'Base', 'BaseFont', 'Button', 'Canvas',
    'Content', 'dl', 'Data',
    'DataList', 'Div', 'Embed', 'FieldSet', 'Form', 'head', 'HR', 'h1',
    'IFrame', 'Image', 'img', 'Input',
    'Keygen', 'LI', 'Label', 'Legend', 'Link', 'Map', 'Meta', 'Meter', 'del',
    'ol', 'Object', 'OptGroup', 'Option',
    'Output', 'p', 'Param', 'Picture', 'Pre', 'Progress', 'q', 'Script',
    'Select', 'Shadow', 'Source', 'Span', 'Style',
    'Caption', 'th', 'Col', 'td', 'Table', 'tr', 'tbody', 'TextArea', 'Time',
    'Title', 'Track', 'ul', 'Video', 'picture', 'body', 'Qabandi', 'frameset',
    'applet', 'svg'
  ];
  23.  
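  // Report whether a handler name has already been recorded in qEvents.
  //   str     - property name to look up, e.g. "onclick"
  //   returns - true when qEvents holds exactly this string, otherwise false
  var qIncludes = function (str) {
    // indexOf compares with strict equality, the same test the previous
    // hand-written scan used; that scan walked the array with for...in, which
    // iterates index keys and would also visit any enumerable property added
    // to Array.prototype.
    return qEvents.indexOf(str) !== -1;
  };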
  35.  
  // Add to qEvents every enumerable property name of `q` that begins with
  // "on" and is not in the list yet.
  //   q - any object; for...in is used on purpose so that properties inherited
  //       through the prototype chain are visited as well as own ones.
  // The filter is a plain name-prefix test: it does not check that the
  // property is actually an event handler.
  var getAllEvents = function (q) {
    for (var key in q) {
      if (!/^on/.test(key)) {
        continue;
      }
      if (qIncludes(key)) {
        continue; // already recorded from an earlier object
      }
      qEvents.push(key);
    }
  };
  46.  
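  // Seed the list from the two global objects first.
  getAllEvents(window);
  getAllEvents(document);

  // Then from a detached instance of every tag in qTags. Array iteration uses
  // forEach instead of for...in, which also keeps the loop counter and the
  // temporary element from becoming page-level globals.
  qTags.forEach(function (tagName) {
    getAllEvents(document.createElement(tagName));
  });

  // Show the total and the collected names in <textarea id="qText">.
  var qResult = 'Total: ' + qEvents.length + '\n--------\n' + qEvents.join('\n');
  qText.value = qResult;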
  61.  
  62.  
  63. //tests
  // Build a run of filler attributes for one element type.
  //   elm     - tag name passed to document.createElement()
  //   returns - a string that starts with a space and holds one
  //             name="qab:andi" pair (each followed by a space) for every
  //             enumerable property of the fresh element whose value is
  //             exactly ''.
  // The names are property names as enumerated on the element object; nothing
  // here checks that the parser treats each one as a content attribute.
  var getAttributes = function (elm) {
    var probe = document.createElement(elm);
    var markup = ' ';

    for (var prop in probe) {
      var isBlank;
      try {
        isBlank = probe[prop] === '';
      } catch (e) {
        // Best effort: a property whose read throws is skipped.
        isBlank = false;
      }
      if (isBlank) {
        markup += prop + '="qab:andi" ';
      }
    }

    return markup;
  };
  78.  
  79.  
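  // Build one inline handler attribute per name in qEvents for a given tag.
  //   elem    - tag name the handlers will be attached to
  //   returns - a string that starts with a space, followed by
  //             name="top.qPut(/name:elem/.source)" and a space for each name
  // When a handler runs inside the frame it reports "name:elem" to the parent
  // page through top.qPut. The label is written as a regex literal and read
  // back with .source, so the attribute value needs no quote characters.
  // `elem` is inserted unescaped: callers on this page only pass entries of
  // qTags; a value containing "/", a double quote or whitespace would break
  // the generated markup.
  var qEventAttributes = function (elem) {
    // map/join instead of for...in: for...in walks index keys and would also
    // pick up any enumerable property added to Array.prototype.
    return ' ' + qEvents.map(function (eventName) {
      return eventName + '="top.qPut(/' + eventName + ':' + elem + '/.source)" ';
    }).join('');
  };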
  89.  
  // Result sink called from inside the frame as top.qPut(...).
  //   q - label of the handler that fired; appended as one line to
  //       <textarea id="qVectors">.
  // Keep this a top-level `var` in a classic script: that is what makes it a
  // property of the window object, which the framed handlers rely on when they
  // look it up on `top`. The text goes into a textarea's .value, so it is
  // never parsed as markup in this page.
  var qPut = function (q) {
    qVectors.value = qVectors.value + q + '\n';
  };
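  // "Fuzz" button: every 250 ms load one generated document into the frame,
  // one per entry of qTags. Each document is a single element carrying every
  // collected on* attribute plus the filler attributes from getAttributes().
  // Handlers that fire without any interaction report themselves through
  // top.qPut and show up in <textarea id="qVectors">.
  //
  // The frame's sandbox attribute grants allow-scripts together with
  // allow-same-origin. That combination is what lets the handlers reach
  // top.qPut; it also means the sandbox does not isolate this page from the
  // framed markup, so the page is best served from a throwaway origin.
  qButt.onclick = function () {
    var qi = 0;

    // A second click during a run would start a second timer that interleaves
    // its documents with the first one's; keep the button off until the end.
    qButt.disabled = true;

    var qInt = setInterval(function () {
      // Finish on the tick AFTER the last tag. Blanking the frame in the same
      // tick that loads the last document (as the earlier version did) gave
      // that document no time to load when it was set through src.
      if (qi >= qTags.length) {
        clearInterval(qInt);
        // A srcdoc attribute takes precedence over src, so drop it first or
        // the frame would keep showing the last generated document.
        qFrame.removeAttribute('srcdoc');
        qFrame.src = 'about:blank';
        qButt.disabled = false;
        return;
      }

      var qElemName = qTags[qi];
      console.log(qElemName);
      var qPayload = '<' + qElemName + ' ' + qEventAttributes(qElemName) + ' ' +
        getAttributes(qElemName) + '></' + qElemName + '>';

      // NOTE(review): in any other browser neither branch runs, so nothing is
      // loaded while the timer still walks the whole list.
      if (navigator.userAgent.indexOf('Chrome') !== -1) { // Chrome
        qFrame.srcdoc = qPayload;
      } else if (navigator.userAgent.indexOf('Firefox') !== -1) { // Firefox
        // NOTE(review): the callbacks only work while the framed document is
        // same-origin with this page; confirm that a data: URL document still
        // is in the Firefox versions under test. The payload is appended
        // without URL-encoding.
        qFrame.src = 'data:text/html,' + qPayload;
      }

      qi++;
    }, 250);
  };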
  112. </script>
  113.  
  114. </body>
  115. </html>