js filter angle brackets

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html dir="ltr" lang="zh-CN" xml:lang="zh-CN">
<head>
<meta name="viewport"
	content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Test</title>
<script type="text/javascript" src="jquery.js"></script>

</head>
<body>
<!--
	Hidden POST form. The ready handler in the script below fills the four
	fields and the form is sent to test2.html when submitted.
	readonly and display:none only constrain the UI: the values are still set
	from script and can be altered before the request leaves the browser, so
	the receiving page has to validate and output-encode them itself.
-->
<form id="testForm" action="test2.html" method="post" style="display:none">
	<table>
		<tr>
			<td><input id="service" name="service" type="text" value="" readonly="readonly"></td>
		</tr>
		<tr>
			<td><input id="time" name="time" type="text" value="" readonly="readonly"></td>
		</tr>
		<tr>
			<td><input id="partner" name="partner" type="text" value="" readonly="readonly"></td>
		</tr>
		<tr>
			<td><input id="sign" name="sign" type="text" value="" readonly="readonly"></td>
		</tr>
	</table>
</form>
<script>
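	$(function(){
		// Sample payment parameters. "service" and "sign" each carry an angle
		// bracket on purpose so the escaping further down has a visible effect.
		var payHelper = {};
		payHelper.service="payservice<";
		payHelper.time=4563242321;
		payHelper.partner=2;
		payHelper.sign="sdf34df36dwfs>";

		// Every key doubles as the id of the matching input in #testForm.
		// .val() assigns the value as plain text, so nothing is parsed as markup here.
		for(var attr in payHelper ) {
			$("#"+attr).val(payHelper[attr]);
		}
		var frm = document.getElementById ('testForm');
		// "target" is not declared in this file; it is honoured only when some
		// other script has defined it as a global.
		if(typeof(target)!='undefined'){
			frm.target=target;
		}
		// Submission is left switched off in this demo.
		//frm.submit();

		// RegExp flags belong in the second constructor argument. A "/g" written
		// inside the source string is matched as two literal characters, so the
		// class would only hit when followed by "/g". This local is not used
		// again inside the handler.
		var pattern = new RegExp("[`~!@#$^&*()=|{}':;',\\[\\].<>/?~!@#¥……&*()——|{}【】‘;:”“'。,、?]", "g")

		var s = "123<script>alert(7838)<\/script>";
		// Replace each bracket with its character entity. Replacing "<" with "<"
		// leaves the string untouched; the entity form is what makes the text
		// inert if it is later written into HTML.
		// This covers element content only: a value placed inside an attribute
		// also needs its quotes encoded, and a complete escape encodes "&" first.
		// Encoding in the browser is a display convenience; the page that finally
		// renders the value must encode on output, since a request can be sent
		// without this script ever running.
		s = s.replace(/</g, "&lt;").replace(/>/g, "&gt;")
		alert("s = "+s);

		getElementsInput()

	})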
	/**
	 * Placeholder hook with no body yet.
	 *
	 * @param {*} e Unused.
	 * @returns {undefined}
	 */
	function toPay(e) {}
	
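	/**
	 * Rewrites every text input of #testForm so that "<" and ">" are stored as
	 * the entities &lt; and &gt;, showing the value in an alert before and the
	 * #service value after each rewrite.
	 *
	 * @param {string} [formId] Accepted but ignored; the selector is fixed to #testForm.
	 * @returns {undefined}
	 */
	function getElementsInput(formId) {
		var tagElements = $('#testForm input[type=text]');
		for (var j = 0; j < tagElements.length; j++){
			// Wrap the element itself instead of looking it up again by id;
			// this also works for an input that has no id attribute.
			var field = $(tagElements[j]);
			// Entity replacement: mapping "<" to "<" would change nothing.
			// "&" is left alone, so a second pass does not double-encode, but
			// the result is not a complete HTML escape (no "&", no quotes).
			var escaped = field.val().replace(/</g, "&lt;").replace(/>/g, "&gt;");
			alert(escaped)
			field.val(escaped)
			alert("Final = "+$("#service").val())
		}
		// NOTE(review): the "sign" field is rewritten as well. If the receiver
		// verifies a signature over the submitted fields, confirm which form of
		// the values it was computed over. The receiver must still encode on
		// output; this client-side pass can be bypassed by posting directly.
	}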
	
	//var strtest = '<input type="hidden" name="jumpUrl" value="https://pay.baidu.com/front/userAccount/showMyAccount.htm"/><script>alert(7829)<script>">';
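	// Sample inputs that contain script markup; neither strtest nor pRole is
	// read by the code below.
	var strtest = 'sadasd<script>alert(7244)<script>';
	// pRole is a plain string that merely looks like a regex literal.
	var pRole = "/[~'!<>@#$%^&*()-+_=:]/g";
	// Deny-list of punctuation. Built without flags, so on its own it matches
	// only the first occurrence in a string.
	var pattern = new RegExp("[`~!@#$^&*()=|{}':;',\\[\\].<>/?~!@#¥……&*()——|{}【】‘;:”“'。,、?]")
	var a = '1234"/><script>alert(7838)<\/script>';

	/**
	 * Removes every character listed in `pattern` from the given string.
	 *
	 * The earlier body read the global sample `a` instead of its argument and
	 * replaced only the first match, which left the sample payload intact.
	 *
	 * Stripping by deny-list is fragile: as written, the class has no ASCII
	 * double quote, so a value such as 1234" keeps the quote that closes an
	 * attribute. Prefer encoding for the output context where the value is
	 * rendered, and treat this function as cosmetic clean-up only.
	 *
	 * @param {string} str Text to clean; null or undefined yields ''.
	 * @returns {string} The text without the listed characters.
	 */
	function removeHTMLTag(str) {
		if (str == null) {
			return '';
		}
		// Use a global copy so all occurrences go, while the shared `pattern`
		// object keeps its original flags for any other reader.
		var everyMatch = new RegExp(pattern.source, "g");
		return String(str).replace(everyMatch, '');
	}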
	
</script>
</body>
</html>
