// IMG STYLE with expression.
// @see https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet#IMG_STYLE_with_expression
- $data[] = ['exp/*<A STYLE=\'no\xss:noxss("*//*");
-xss:ex/*XSS*//*/*/pression(alert("XSS"))\'>', 'exp/*<A>'];
+ $data[] = [
+ 'exp/*<A STYLE=\'no\xss:noxss("*//*");
+xss:ex/*XSS*//*/*/pression(alert("XSS"))\'>',
+ 'exp/*<A>',
+ ];
// STYLE tag (Older versions of Netscape only).
// @see https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet#STYLE_tag_.28Older_versions_of_Netscape_only.29
// @see https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet#Downlevel-Hidden_block
$data[] = ['<!--[if gte IE 4]>
<SCRIPT>alert(\'XSS\');</SCRIPT>
- <![endif]-->', "\n alert('XSS');\n "];
+ <![endif]-->',
+ "\n alert('XSS');\n ",
+ ];
// BASE tag.
// @see https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet#BASE_tag