I try to get XSS in a GET request to work, but it is only working within BURP because there I can send for example >
as an not URL encoded string. As soon as I try it in the browser, it is no longer possble because the browser encodes the >
to %3e
and the XSS vector is gone...
Is it somehow possible to force the browser to not URL encode those characters when making the request?