We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
如果有人在消息里面输入下面这些信息会很有意思:
<img src='../content/emoji/22.gif' onload='alert("你们被我的XSS攻击!哈哈哈哈")' />这是一个攻击的消息!
建议作者把信息转义一下,直接innerHTML消息出来非常不安全
The text was updated successfully, but these errors were encountered:
更缺德的攻击: <img src='../content/emoji/22.gif' onload='alert("你们被我的XSS攻击!准备迎接崩溃吧!哈哈哈哈");for(var i=0;i>=0;i++){}' />这是一个攻击的消息!
<img src='../content/emoji/22.gif' onload='alert("你们被我的XSS攻击!准备迎接崩溃吧!哈哈哈哈");for(var i=0;i>=0;i++){}' />这是一个攻击的消息!
Sorry, something went wrong.
No branches or pull requests
如果有人在消息里面输入下面这些信息会很有意思:
<img src='../content/emoji/22.gif' onload='alert("你们被我的XSS攻击!哈哈哈哈")' />这是一个攻击的消息!建议作者把信息转义一下,直接innerHTML消息出来非常不安全
The text was updated successfully, but these errors were encountered: