This tweet describes an exploratory attempt to bypass a Web Application Firewall (WAF) using an event handler payload. The author notes that the technique did not work in their case because it appears to function only with inline styles, which are commonly blocked by WAFs. The tweet also mentions that triggering this bypass through the img-src or connect-src directives would be ideal for evading WAF protections. Although the attempt was not successful, the author acknowledges it as a great approach for WAF bypass attempts. Overall, this highlights the ongoing research and experimentation with different payload delivery methods to find effective WAF bypass techniques.
Original tweet: https://twitter.com/bugraeskici/status/1948460794519470540