15 lines
328 B
HTML
15 lines
328 B
HTML
<!doctype html>
|
|
<html>
|
|
<head>
|
|
<title>测试</title>
|
|
<meta charset="utf8">
|
|
</head>
|
|
<body>
|
|
<pre id="result"></pre>
|
|
</body>
|
|
</html>
|
|
<script src="xss.js"></script>
|
|
<script>
|
|
var code = '<script>alert("xss");</' + 'script>';
|
|
document.querySelector('#result').innerText = code + '\n被转换成了\n' + filterXSS(code);
|
|
</script> |