I came across these codes and I think a XSS exploit can be squeeze out of here but I don’t understand what this code does exactly. So I couldn’t write any successful XSS payload.
var hashvalue = window.location.hash.substring(1);
var i = $("[id *= ‘" + hashvalue + "’]");
Can you explain (specifically the role of * , $ and [ ] signs) the code a bit more?
I am not that good at JS so don’t judge me too much
var hashvalue = window.location.hash.substring(1);
extracts hash value from the URL, without actually # sign (substring() call starts from first sign, but chars in strings are indexed started from 0, so what you get is a part of url hash starting from first char after #).
So let’s say you’ve got an url:
http://server.com/somepage#test
When first line of your code runs, variable hashvalue equals ‘test’
Second line of code actually assigns to variable named i an element (I assume $ is global reference to jQuery, which is typical)
So:
var i = $("[id *= '" + hashvalue + "']");
means: "find in DOM tree an element, which id attribute equals ‘test’
id *= “some values”
is equal to: id = id * “some values”
It is equal to a += b that is a = a + b and so.
I guess the $ is part of the syntax of JQuery regarding to asing values to variables.
And the brackets are part of some of the generated value. If you see they are part of concatenation.
I’m not master of JS, I just have some knowledge about programming and I don’t remember where I read about JQuery and it looks like that.