<script>$=%27XSSPOSED%27,alert%28$%29<%2fscript>?
<script>$=%27XSSPOSED%27,alert%28$%29<%2fscript>
Answers (3)
It's messed up by the use (and worse, incorrect use) of HTML "character entities" for the single quotes, parentheses, and the forward slash. It's intended to be
<script>
$='XSSPOSED'
alert($)
</script>
In addition to translating %27, %28, %29, and %2F, I've removed the comma between 'XSSPOSED' and alert($). The semicolon is the correct statement separator in JavaScript.
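An added example, not part of the original question or answer: the `%27`, `%28`, `%29` and `%2f` sequences in the question are URL percent-encoded bytes, so a log reviewer or input filter has to decode a value before checking it for script tags. The function names and the benign and malformed sample values are assumptions constructed for illustration; the first sample is the string from the question.

```javascript
// Added example (not from the original post). Names are hypothetical.

// Percent-decode repeatedly so a value that was encoded twice
// (%2527 -> %27 -> ') is reduced to its final form before inspection.
function percentDecodeFully(value, maxRounds = 3) {
  let current = value;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try {
      next = decodeURIComponent(current);
    } catch (e) {
      break; // malformed %XX sequence: keep what was decoded so far
    }
    if (next === current) break; // nothing left to decode
    current = next;
  }
  return current;
}

// Opening or closing script tags in a value that should be plain text.
const SCRIPT_TAG = /<\s*\/?\s*script\b/i;

function inspectParam(raw) {
  const decoded = percentDecodeFully(raw);
  return { raw, decoded, suspicious: SCRIPT_TAG.test(decoded) };
}

// Escape a value before echoing it into an HTML text context, so the
// browser renders the characters instead of parsing them as markup.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return text.replace(/[&<>"']/g, (c) => map[c]);
}

const QUESTION = "<script>$=%27XSSPOSED%27,alert%28$%29<%2fscript>"; // from the page
const samples = [
  QUESTION,
  encodeURIComponent(QUESTION), // constructed: same string encoded once more
  "blue%20widgets",             // constructed: benign value
  "100%",                       // constructed: malformed percent sequence
];
for (const s of samples) {
  const r = inspectParam(s);
  console.log(r.suspicious ? "FLAG" : "ok  ", escapeHtml(r.decoded));
}
```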
Archived on: 2021-05-03 03:12:25
Original link [permanently dead]:
https://hk.answers.yahoo.com/question/index?qid=20150728015309AAi9bAF