function seaSurfer($, w, hostname) {
function createSimpleInput(inputElem) {
var name = inputElem.attr('name');
// Escape quotes to avoid breaking out of the value attribute when looking for XSS vulns
var value = inputElem.val().replace('"', '"');
return '';
}
var version = '3',
body = $(w.document.body),
links,
foundLinks = false;
body.append('
');
body.append(links);
links.hide();
}
// Create a test entry for each form on the page
$('form').each(function(i) {
var form, formInputs, inputs, area, desc, script, a, autoSubmit, formHtml, action;
form = $(this).clone();
action = form.attr('action') || ''
// Prepare the form code
a = document.createElement('a');
a.href = action;
form.attr('action', a.href);
form.removeAttr('onsubmit');
form.removeAttr('class');
form.removeAttr('style');
// Some info about the form
desc = '
Form ' + (i + 1) + ' (' + a.href + ')
';
body.append(desc);
// Find the current inputs (etc) of the form, only caring about the current values
formInputs = 'input[type=text],input[type=hidden],input[type=password],input:checked,select,textarea';
inputs = $(this).find(formInputs); // using $(this) instead of form since clone doesn't clone textarea values
// Replace them with hidden inputs (and some formatting)
form.empty();
form.append('\n');
inputs.each(function() {
form.append(' ' + createSimpleInput($(this)) + '\n');
});
// Create a textarea and insert the form and some code that will auto submit the form later
area = $('