@h4x0r_dz
Yes, I’m not saying it works on everything, but i have tested this on a vulnerable website I can probably show you in dm and it, it works mostly in file:// protocol, you can use file:///etc/random/../passwd, or on iframe on a vulnerable PDF HTML Injection to read /etc/passwd file