1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| <!doctype html>
| <html>
| <head>
| <title>测试</title>
| <meta charset="utf8">
| </head>
| <body>
| <pre id="result"></pre>
| </body>
| </html>
| <script src="xss.js"></script>
| <script>
| var code = '<script>alert("xss");</' + 'script>';
| document.querySelector('#result').innerText = code + '\n被转换成了\n' + filterXSS(code);
| </script>
|
|
