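<!doctype html>
<html dir="ltr" lang="zh-CN">
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <title>Test</title>
  <script src="jquery.js"></script>
</head>
<body>
  <!--
    Hidden form that is filled in from script and posted to test2.html.
    Nothing done to these fields in the browser can be relied on by the
    receiver: the POST target has to validate every field itself and
    encode the values for whatever context it writes them into.
  -->
  <form id="testForm" action="test2.html" method="post" hidden>
    <input type="text" name="service" id="service" value="" readonly>
    <input type="text" name="time" id="time" value="" readonly>
    <input type="text" name="partner" id="partner" value="" readonly>
    <input type="text" name="sign" id="sign" value="" readonly>
  </form>

  <script>
    /**
     * Encode a value for insertion into HTML text or a quoted attribute.
     *
     * "&" is replaced first so that the entities produced by the later
     * replacements are not encoded a second time. The result is not
     * idempotent: encoding an already encoded string yields "&amp;lt;",
     * so call this once, at the point where the value is written out.
     *
     * The page's original replacements mapped "<" to "<" and ">" to ">",
     * which changes nothing; the entity names had been lost.
     *
     * @param {*} value Any value; it is converted with String().
     * @returns {string} The encoded text.
     */
    function escapeHtml(value) {
      return String(value)
        .replace(/&/g, "&amp;")
        .replace(/</g, "&lt;")
        .replace(/>/g, "&gt;")
        .replace(/"/g, "&quot;")
        .replace(/'/g, "&#39;");
    }

    $(function () {
      // Sample values; "service" and "sign" deliberately carry an angle
      // bracket so the encoding below has something to act on.
      var payHelper = {};
      payHelper.service = "payservice<";
      payHelper.time = 4563242321;
      payHelper.partner = 2;
      payHelper.sign = "sdf34df36dwfs>";

      // Each key doubles as the id of the input that receives its value.
      for (var attr in payHelper) {
        if (Object.prototype.hasOwnProperty.call(payHelper, attr)) {
          $("#" + attr).val(payHelper[attr]);
        }
      }

      // "target" is an optional global; the typeof test keeps this from
      // throwing a ReferenceError when no such global exists.
      var frm = document.getElementById('testForm');
      if (typeof(target) != 'undefined') {
        frm.target = target;
      }

      var s = "123<script>alert(7838)<\/script>";
      s = escapeHtml(s);
      alert("s = " + s);

      getElementsInput();
    });

    /** Placeholder handler; the original page leaves it empty. */
    function toPay(e) { }

    /**
     * HTML-encode the value of every text input in a form, in place.
     *
     * .val() assigns plain text and never parses markup, so this encoding
     * is not needed to keep the form itself safe; it changes the bytes
     * that get submitted. NOTE(review): if "sign" is a signature computed
     * over the other fields (not shown on this page), rewriting the fields
     * here would make it stop verifying - confirm against the receiver.
     *
     * @param {string} [formId] Id of the form; defaults to "testForm".
     */
    function getElementsInput(formId) {
      // Looked up by id rather than by building a selector string, so
      // the id is never interpreted as selector syntax.
      var form = document.getElementById(formId || "testForm");
      if (!form) {
        return;
      }
      $(form).find("input[type=text]").each(function () {
        var field = $(this);
        var encoded = escapeHtml(field.val());
        alert(encoded);
        field.val(encoded);
        alert("Final = " + $("#service").val());
      });
    }

    var strtest = 'sadasd<script>alert(7244)<script>';
    // A string literal, not a RegExp: the slashes and "g" are part of the
    // text and nothing in this file compiles it.
    var pRole = "/[~'!<>@#$%^&*()-+_=:]/g";
    // Character class of punctuation to strip. It has no "g" flag, so a
    // replace() with it directly only touches the first match.
    var pattern = new RegExp("[`~!@#$^&*()=|{}':;',\\[\\].<>/?~!@#¥……&*()——|{}【】‘;:”“'。,、?]")
    var a = '1234"/><script>alert(7838)<\/script>';

    /**
     * Remove every character matched by "pattern" from a string.
     *
     * The original ignored its argument, always read the global sample
     * "a", and removed only the first matching character. Stripping a
     * fixed list of characters is lossy and depends on the list being
     * complete; it does not replace encoding the value for the context
     * it is written into (see escapeHtml).
     *
     * @param {string} [str] Text to filter; the sample "a" is used when
     *   the argument is omitted, as the original always did.
     * @returns {string} The text with all listed characters removed.
     */
    function removeHTMLTag(str) {
      var input = (typeof str === "undefined") ? a : String(str);
      // A global copy is built here so "pattern" itself stays stateless
      // for any other code that calls test() or exec() on it.
      return input.replace(new RegExp(pattern.source, "g"), "");
    }
  </script>
</body>
</html>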
js filter angle brackets