parsedown/test/data/xss_bad_url.html

<p><a href="javascript%3Aalert%281%29">xss</a></p>
<p><a href="javascript%3Aalert%281%29">xss</a></p>
<p><a href="javascript%3A//alert%281%29">xss</a></p>
<p><a href="javascript&amp;colon%3Balert%281%29">xss</a></p>
<p><img src="javascript%3Aalert%281%29" alt="xss" /></p>
<p><img src="javascript%3Aalert%281%29" alt="xss" /></p>
<p><img src="javascript%3A//alert%281%29" alt="xss" /></p>
<p><img src="javascript&amp;colon%3Balert%281%29" alt="xss" /></p>
<p><a href="data%3Atext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">xss</a></p>
<p><a href="data%3Atext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">xss</a></p>
<p><a href="data%3A//text/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">xss</a></p>
<p><a href="data&amp;colon%3Btext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">xss</a></p>
<p><img src="data%3Atext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==" alt="xss" /></p>
<p><img src="data%3Atext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==" alt="xss" /></p>
<p><img src="data%3A//text/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==" alt="xss" /></p>
<p><img src="data&amp;colon%3Btext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==" alt="xss" /></p>