Security Issues Test Page

This page intentionally contains security issues for testing the audit system.

Inline Event Handlers

javascript: href

Insecure Form

Form Without CSRF Token

Autocomplete on Password

External Resources (no SRI)

This page would load external scripts without subresource integrity.

Links with target="_blank"

Opens in new tab (no noopener)

Sensitive Data in URL

Link with sensitive query params

localStorage with Sensitive Data

Check localStorage for sensitive data patterns.

Iframe Without Sandbox

Potential XSS Vectors

Content that might be vulnerable to innerHTML injection.

Console Logging

Check for exposed debug information in console.