Code
<script>
function htmlspecialchars(string){
var data = [];
for(var i = 0 ;i <string.length;i++) {
data.push( "&#"+string.charCodeAt(i)+";");
}
return data.join("");
}
document.write(htmlspecialchars("@{}<script>javascript alert<\/script>"));
</script>
<script>
function filter (str) {
str = str.replace(/&/g, '&');
str = str.replace(/</g, '<');
str = str.replace(/>/g, '>');
str = str.replace(/'/g, '´');
str = str.replace(/"/g, '"');
str = str.replace(/\|/g, '¦');
return str;
}
alert(filter("url"))
</script>
posted @
2009-09-26 23:14
海天一色SDUST
阅读(
224)
评论()
编辑
收藏
举报