4.2.5. XSS数据源

4.2.5.1. URL

• location

• location.href

• location.pathname

• location.search

• location.hash

• document.URL

• document.documentURI

• document.baseURI

4.2.5.2. Navigation

• window.name

• document.referrer

4.2.5.3. Communication

• Ajax

• Fetch

• WebSocket

• PostMessage

4.2.5.4. Storage

• Cookie

• LocalStorage

• SessionStorage