List of properties that doesn't need parenthesis

By Pepe Villa (@cgvwzq ) - http://jsfiddle.net/MhLPG/1/

By
skeptic_fx 1 Seen 564 times
Tags
window xss no-parenthesis constructor
Run this test now.

Results


Tested on
Chrome - 50 - Windows
Property NameComments
Uint32Array
RangeError
Float64Array
Map
RegExp
Uint16Array
Array
URIError
Error
Int16Array
Uint8Array
ReferenceError
Function
WeakMap
String
Int32Array
TypeError
Float32Array
ArrayBuffer
EvalError
Number
Int8Array
WeakSet
Set
Boolean
Uint8ClampedArray
Object
SyntaxError
Date
SpeechSynthesisUtterance
webkitSpeechRecognition
webkitSpeechGrammarList
webkitSpeechGrammar
MediaSource
webkitAudioContext
AudioContext
webkitMediaStream
TextEncoder
TextDecoder
Response
RTCSessionDescription
Path2D
Headers
XSLTProcessor
Audio
InputDeviceCapabilities
XPathEvaluator
XMLSerializer
XMLHttpRequest
WebKitCSSMatrix
URLSearchParams
Text
Range
MessageChannel
Option
Image
FormData
FileReader
DocumentFragment
DOMParser
DOMException
Comment
Blob

Tested on
Chrome Mobile - 41 - Android
Property NameComments
Function
Float64Array
TypeError
Int16Array
Array
URIError
RegExp
EvalError
Uint8ClampedArray
Object
Uint32Array
Set
SyntaxError
Int32Array
WeakSet
Boolean
Error
ReferenceError
Date
Number
RangeError
Int8Array
Map
String
ArrayBuffer
WeakMap
gc
Uint16Array
Float32Array
Uint8Array
MediaSource
Response
Headers
webkitMediaStream
TextEncoder
TextDecoder
SpeechSynthesisUtterance
XSLTProcessor
Audio
XPathEvaluator
XMLSerializer
XMLHttpRequest
WebKitCSSMatrix
Text
Range
Path2D
MessageChannel
Option
Image
FormData
FileReader
DocumentFragment
DOMParser
Comment
Blob

Tested on
Firefox - 32 - Mac OS X
Property NameComments
Function
Object
TextDecoder
TextEncoder
Document
Array
Boolean
Date
Number
String
RegExp
Error
InternalError
EvalError
RangeError
ReferenceError
SyntaxError
TypeError
URIError
ArrayBuffer
Int8Array
Uint8Array
Int16Array
Uint16Array
Int32Array
Uint32Array
Float32Array
Float64Array
Uint8ClampedArray
WeakMap
Map
Set
mozRTCPeerConnection
Comment
Text
DOMRect
mozRTCSessionDescription
URLSearchParams
FileReader
DOMPoint
XMLSerializer
Range
DOMParser
AudioContext
XPathEvaluator
XMLHttpRequest
mozRTCIceCandidate
DOMQuad
FormData
Path2D
mozContact
SVGNumber
DocumentFragment

Tested on
Googlebot - 2.1 - undefined
Property NameComments
Int8Array
SyntaxError
Function
Float64Array
EvalError
Uint16Array
Float32Array
RangeError
Uint8ClampedArray
Int16Array
Number
Date
WeakMap
Uint32Array
WeakSet
String
Int32Array
Object
RegExp
gc
Uint8Array
Map
Error
Boolean
Set
Array
URIError
TypeError
ReferenceError
ArrayBuffer
MediaSource
Response
Headers
webkitMediaStream
TextEncoder
TextDecoder
SpeechSynthesisUtterance
XSLTProcessor
Audio
XPathEvaluator
XMLSerializer
XMLHttpRequest
WebKitCSSMatrix
Text
Range
Path2D
MessageChannel
Option
Image
FormData
FileReader
DocumentFragment
DOMParser
Comment
Blob

Tested on
IE - 11 - Windows 7
Property NameComments
Object
Array
Boolean
Date
Function
Number
String
RegExp
ArrayBuffer
Int8Array
Uint8Array
Uint8ClampedArray
Int16Array
Uint16Array
Int32Array
Uint32Array
Float32Array
Float64Array
WeakMap
Map
Set
Error
EvalError
RangeError
ReferenceError
SyntaxError
TypeError
URIError
Enumerator
Blob
DOMParser
FileReader
FormData
MSBlobBuilder
MSCSSMatrix
MSStreamReader
MessageChannel
WebGLContextEvent
XMLHttpRequest
XMLSerializer

Tested on
IE Mobile - 11 - Windows Phone 8
Property NameComments
Object
Array
Boolean
Date
Function
Number
String
RegExp
ArrayBuffer
Int8Array
Uint8Array
Int16Array
Uint16Array
Int32Array
Uint32Array
Float32Array
Float64Array
WeakMap
Map
Set
Error
EvalError
RangeError
ReferenceError
SyntaxError
TypeError
URIError
Enumerator
Blob
DOMParser
FileReader
FormData
MSBlobBuilder
MSCSSMatrix
MSGesture
MSStreamReader
MediaSource
MessageChannel
WebGLContextEvent
XMLHttpRequest
XMLSerializer

Tested on
Mobile Safari - 7 - iOS
Property NameComments
Object
Function
Array
Boolean
String
Number
Date
RegExp
Error
EvalError
RangeError
ReferenceError
SyntaxError
TypeError
URIError

Tested on
Safari - 7 - Mac OS X
Property NameComments
Object
Function
Array
Boolean
String
Number
Date
RegExp
Error
EvalError
RangeError
ReferenceError
SyntaxError
TypeError
URIError

User Script (ENUM_FUNCTION)

					
function test(data){

// data is the input variable that is supplied from the Enumeration List.
// Whenever, this test() function is called, it should invoke either addResult(), addSuccess(), addError() or addInfo()
// Each of the test() functions executes in an isolted IFRAME.
    addSuccess(data);
}


					
				

Enum Data (ENUM_FUNCTION)

					
// This is the ENUM variable, which will be enumerated.
// We will pass an array of objects which are of our interest to be logged.
var data = [];
var i, c;
var foo = Object.getOwnPropertyNames(window);
for(i in foo){
    try {
     c = window[foo[i]];
     if (c.prototype && c === c.prototype.constructor) {
         try {
             new c;
            data.push(foo[i]);
         } catch (e){}
     }
    } 
    catch(e){}
}