我使用的chrome完全屏蔽了,设置X-XSS-Protection也不好用,全部拦截,但使用Firefox可以用重现alert(1)效果
2018-01-07
<img src="null" onerror="alert(1)">
2018-01-04
简练精准。给这个老师赞。 要是每个老师像他这样的视频就好了。我们这些小白也能易懂。讲课的最终目的是为了让别人理解。不想别的老师,虽然说每个老师风格不一样,但目的都是一样,但有些老师过于style了。这里就不点名指了。我就这样的人。好就是好,原则性问题没得商量
2017-12-13
在google浏览器下不给上传含有标签的字符串,<p>上传不了</p>
其他的浏览器就可以.
(index):70 [Deprecation] Resource requests whose URLs contained both removed whitespace (`\n`, `\r`, `\t`) characters and less-than characters (`<`) are blocked. Please remove newlines and encode less-than characters from places like element attribute..
其他的浏览器就可以.
(index):70 [Deprecation] Resource requests whose URLs contained both removed whitespace (`\n`, `\r`, `\t`) characters and less-than characters (`<`) are blocked. Please remove newlines and encode less-than characters from places like element attribute..
2017-12-12
我点击评论,浏览器不给上传.直接报错了
(index):70 [Deprecation] Resource requests whose URLs contained both removed whitespace (`\n`, `\r`, `\t`) characters and less-than characters (`<`) are blocked. Please remove newlines and encode less-than characters from places like element attribute values in order....
(index):70 [Deprecation] Resource requests whose URLs contained both removed whitespace (`\n`, `\r`, `\t`) characters and less-than characters (`<`) are blocked. Please remove newlines and encode less-than characters from places like element attribute values in order....
2017-12-12