Published: 08 October 2019 at 13:35 UTC

Updated: 09 October 2019 at 07:01 UTC

Whilst I was building the XSS cheatsheet, I discovered some interesting behaviour in Chrome and Safari. For certain HTML elements, if you specify their ID in the URL fragment it will scroll to the element and fire a focus event. This can be triggered cross-domain using an iframe. I thought this could be abused to create a
![XS-Leak: Leaking IDs using focus](https://cdn-ak-scissors.b.st-hatena.com/image/square/6f27f0268482b6ef0f21b01da61d100db9a52c04/height=288;version=1;width=512/https%3A%2F%2Fportswigger.net%2Fcms%2Fimages%2F39%2F8f%2Fe774596e5b97-twittercard-cross-site-leaks-twitter.png)