[{"member": {"id": 86855, "username": "ipwx", "url": "u/ipwx", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/74e7/b1ce/86855_mini.png?m=1757498808", "avatar_normal": "https://cdn.v2ex.com/avatar/74e7/b1ce/86855_normal.png?m=1757498808", "avatar_large": "https://cdn.v2ex.com/avatar/74e7/b1ce/86855_large.png?m=1757498808", "created": 1418656775, "last_modified": 1757498808, "pro": 0}, "created": 1587711821, "topic_id": 665687, "content": "\u9996\u5148\uff0csql \u6ce8\u5165\u5f88\u597d\u89e3\u51b3\u3002\u7528 prepared statement \u5c31\u884c\u3002\u800c\u4e14 prepared statement \u6bd4 sql \u76f4\u63a5\u585e\u503c\u66f4\u9ad8\u6548\u3002\u53e6\u5916\uff0c\u5927\u90e8\u5206 ORM \u90fd\u80fd\u6709\u6548\u5229\u7528\u5404\u79cd\u673a\u5236\u9632\u6b62\u6ce8\u5165\u3002\r\n\r\n\u5176\u6b21\uff0c\u5bf9\u4e8e XSS \u3002\u5982\u679c\u4f60\u4e0d\u5728\u540e\u7aef\u68c0\u67e5\uff0c\u90a3\u4e48\u653b\u51fb\u8005\u603b\u80fd\u6784\u9020\u51fa\u8ba9\u4f60\u80fd\u5165\u5e93\u5e76\u539f\u6837\u8fd4\u56de\u7ed9\u524d\u7aef\u7684\u5185\u5bb9\u3002\u9664\u975e\u4f60\u524d\u7aef\u662f\u5728\u663e\u793a\u5185\u5bb9\u7684\u6700\u540e\u4e00\u6b65\u4e4b\u524d\u8fdb\u884c\u5904\u7406\uff0c\u5728\u63d0\u4ea4\u7684\u65f6\u5019\u8fc7\u6ee4\u662f\u65e0\u6548\u7684\u3002\u5f53\u7136\uff0c\u5982\u679c\u4f60\u524d\u7aef\u5728\u6700\u540e\u4e00\u6b65\u663e\u793a\u4e4b\u524d\u5904\u7406 XSS \u7684\u5185\u5bb9\uff0c\u90a3\u4e48\u540e\u7aef\u53ef\u80fd\u4e0d\u9700\u8981\u4efb\u4f55\u68c0\u67e5\uff0c\u4e5f\u4e0d\u9700\u8981\u4ec0\u4e48 404 \u4e4b\u7c7b\u7684\u72b6\u6001\u5417\u3002\u7ed3\u5408\u7b2c\u4e00\u6761\u7684\u89e3\u51b3\u65b9\u6848\uff0c\u6b63\u5e38\u5165\u5e93\u51fa\u5e93\u5c31\u884c\u3002\r\n\r\n\u4f46\u662f\u5bf9\u4e8e\u7528\u6237\u4f53\u9a8c\u800c\u8a00\uff0c\u6bcf\u6b21\u663e\u793a\u524d\u5904\u7406 XSS \u65e0\u7591\u4f1a\u5360\u7528 CPU \u8d44\u6e90\u3002\u8fd8\u4e0d\u5982\u4f60\u540e\u7aef\u5165\u5e93\u8fdb\u884c\u5904\u7406\u5462\u3002", "content_rendered": "\u9996\u5148\uff0csql \u6ce8\u5165\u5f88\u597d\u89e3\u51b3\u3002\u7528 prepared statement \u5c31\u884c\u3002\u800c\u4e14 prepared statement \u6bd4 sql \u76f4\u63a5\u585e\u503c\u66f4\u9ad8\u6548\u3002\u53e6\u5916\uff0c\u5927\u90e8\u5206 ORM \u90fd\u80fd\u6709\u6548\u5229\u7528\u5404\u79cd\u673a\u5236\u9632\u6b62\u6ce8\u5165\u3002

\u5176\u6b21\uff0c\u5bf9\u4e8e XSS \u3002\u5982\u679c\u4f60\u4e0d\u5728\u540e\u7aef\u68c0\u67e5\uff0c\u90a3\u4e48\u653b\u51fb\u8005\u603b\u80fd\u6784\u9020\u51fa\u8ba9\u4f60\u80fd\u5165\u5e93\u5e76\u539f\u6837\u8fd4\u56de\u7ed9\u524d\u7aef\u7684\u5185\u5bb9\u3002\u9664\u975e\u4f60\u524d\u7aef\u662f\u5728\u663e\u793a\u5185\u5bb9\u7684\u6700\u540e\u4e00\u6b65\u4e4b\u524d\u8fdb\u884c\u5904\u7406\uff0c\u5728\u63d0\u4ea4\u7684\u65f6\u5019\u8fc7\u6ee4\u662f\u65e0\u6548\u7684\u3002\u5f53\u7136\uff0c\u5982\u679c\u4f60\u524d\u7aef\u5728\u6700\u540e\u4e00\u6b65\u663e\u793a\u4e4b\u524d\u5904\u7406 XSS \u7684\u5185\u5bb9\uff0c\u90a3\u4e48\u540e\u7aef\u53ef\u80fd\u4e0d\u9700\u8981\u4efb\u4f55\u68c0\u67e5\uff0c\u4e5f\u4e0d\u9700\u8981\u4ec0\u4e48 404 \u4e4b\u7c7b\u7684\u72b6\u6001\u5417\u3002\u7ed3\u5408\u7b2c\u4e00\u6761\u7684\u89e3\u51b3\u65b9\u6848\uff0c\u6b63\u5e38\u5165\u5e93\u51fa\u5e93\u5c31\u884c\u3002

\u4f46\u662f\u5bf9\u4e8e\u7528\u6237\u4f53\u9a8c\u800c\u8a00\uff0c\u6bcf\u6b21\u663e\u793a\u524d\u5904\u7406 XSS \u65e0\u7591\u4f1a\u5360\u7528 CPU \u8d44\u6e90\u3002\u8fd8\u4e0d\u5982\u4f60\u540e\u7aef\u5165\u5e93\u8fdb\u884c\u5904\u7406\u5462\u3002", "last_modified": 1587711821, "member_id": 86855, "id": 8874528}, {"member": {"id": 44647, "username": "lneoi", "url": "u/lneoi", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "\u6211\u9047\u89c1\u4e86BUG\uff0c\u53ec\u5524\u4e86\u6211\u6765\u5230\u8fd9\u91cc\u3002\u7136\u540e\u6211\u5c31\u5fd8\u8bb0\u4e86BUG......", "avatar_mini": "https://cdn.v2ex.com/gravatar/1506bbe329d36c24ee85838609dd7f13?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/1506bbe329d36c24ee85838609dd7f13?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/1506bbe329d36c24ee85838609dd7f13?s=73&d=retro", "created": 1377839067, "last_modified": 1377839067, "pro": 0}, "created": 1587711922, "topic_id": 665687, "content": "\u524d\u540e\u7aef\u90fd\u5f97\u505a\u5904\u7406\r\n\u524d\u7aef\u6709\u4e00\u4e2a\u5e93\uff0c\u521a\u641c\u4e86\u4e0b\uff0c\u8fd9\u662f\u5b98\u7f51 https://jsxss.com", "content_rendered": "\u524d\u540e\u7aef\u90fd\u5f97\u505a\u5904\u7406
\u524d\u7aef\u6709\u4e00\u4e2a\u5e93\uff0c\u521a\u641c\u4e86\u4e0b\uff0c\u8fd9\u662f\u5b98\u7f51 https://jsxss.com", "last_modified": 1587711922, "member_id": 44647, "id": 8874544}, {"member": {"id": 415526, "username": "tctc4869", "url": "u/tctc4869", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_mini.png?m=1635391445", "avatar_normal": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_normal.png?m=1635391445", "avatar_large": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_large.png?m=1635391445", "created": 1558768286, "last_modified": 1635391445, "pro": 0}, "created": 1587712385, "topic_id": 665687, "content": "@lneoi \u8c22\u8c22", "content_rendered": "@lneoi \u8c22\u8c22", "last_modified": 1587712385, "member_id": 415526, "id": 8874599}, {"member": {"id": 467375, "username": "MOETAN0", "url": "u/MOETAN0", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/4fe4/cb39/467375_mini.png?m=1586313917", "avatar_normal": "https://cdn.v2ex.com/avatar/4fe4/cb39/467375_normal.png?m=1586313917", "avatar_large": "https://cdn.v2ex.com/avatar/4fe4/cb39/467375_large.png?m=1586313917", "created": 1580521688, "last_modified": 1586313917, "pro": 0}, "created": 1587712623, "topic_id": 665687, "content": "\u540e\u7aef\u5fc5\u9700\u5904\u7406\u3002\r\nxss \u653b\u51fb\u8005\u53ef\u4e0d\u4f1a\u8001\u8001\u5b9e\u5b9e\u5728\u4f60\u7684\u8f93\u5165\u6846\u91cc\u586b\u811a\u672c\uff0c\u6784\u9020\u4e00\u4e2a post \u8bf7\u6c42\u5c31\u53ef\u4ee5\u7ed5\u5f00\u5728 js \u4e0a\u7684\u5904\u7406\u3002", "content_rendered": "\u540e\u7aef\u5fc5\u9700\u5904\u7406\u3002
xss \u653b\u51fb\u8005\u53ef\u4e0d\u4f1a\u8001\u8001\u5b9e\u5b9e\u5728\u4f60\u7684\u8f93\u5165\u6846\u91cc\u586b\u811a\u672c\uff0c\u6784\u9020\u4e00\u4e2a post \u8bf7\u6c42\u5c31\u53ef\u4ee5\u7ed5\u5f00\u5728 js \u4e0a\u7684\u5904\u7406\u3002", "last_modified": 1587712623, "member_id": 467375, "id": 8874626}, {"member": {"id": 362, "username": "est", "url": "u/est", "website": "https://blog.est.im/", "twitter": "est", "psn": "", "github": "est", "btc": "19DKZpkThTAFcSnWyxJZn7HKzyo1ia6rxr", "location": "", "tagline": "vibe in progress", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/c3e8/78e2/362_mini.png?m=1757861521", "avatar_normal": "https://cdn.v2ex.com/avatar/c3e8/78e2/362_normal.png?m=1757861521", "avatar_large": "https://cdn.v2ex.com/avatar/c3e8/78e2/362_large.png?m=1757861521", "avatar_xlarge": "https://cdn.v2ex.com/avatar/c3e8/78e2/362_xlarge.png?m=1757861521", "avatar_xxlarge": "https://cdn.v2ex.com/avatar/c3e8/78e2/362_xxlarge.png?m=1757861521", "created": 1272882581, "last_modified": 1757861521, "pro": 0}, "created": 1587712660, "topic_id": 665687, "content": "\u4e00\u52b3\u6c38\u9038\u5f88\u7b80\u5355\u554a\u3002\u628a\u6240\u6709\u7528\u6237\u8f93\u5165\u8fc7\u6ee4\u6210 [a-zA-Z0-9]\u3002\u4e00\u6b21\u8fc7\u6ee4\u4e0d\u6210\u8fc7\u6ee4 2 \u6b21 \u3002", "content_rendered": "\u4e00\u52b3\u6c38\u9038\u5f88\u7b80\u5355\u554a\u3002\u628a\u6240\u6709\u7528\u6237\u8f93\u5165\u8fc7\u6ee4\u6210 [a-zA-Z0-9]\u3002\u4e00\u6b21\u8fc7\u6ee4\u4e0d\u6210\u8fc7\u6ee4 2 \u6b21 \u3002", "last_modified": 1587712660, "member_id": 362, "id": 8874631}, {"member": {"id": 267409, "username": "dilu", "url": "u/dilu", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/c633afbd75edf0f0c9473ebd0866d659?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/c633afbd75edf0f0c9473ebd0866d659?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/c633afbd75edf0f0c9473ebd0866d659?s=73&d=retro", "created": 1510802107, "last_modified": 1510802107, "pro": 0}, "created": 1587712948, "topic_id": 665687, "content": "sql \u6ce8\u5165\u5c31\u4e0d\u8bf4\u4e86 1l \u65b9\u6848\u5b8c\u5168\u6ca1\u95ee\u9898\r\n\r\n\u81f3\u4e8e xss php \u6709\u5185\u7f6e\u51fd\u6570\uff0c\u76f4\u63a5\u8f6c\u6362\u6240\u6709 html \u6807\u7b7e\u4e3a\u5b9e\u4f53\u6807\u7b7e\uff0c\u4e5f\u53ef\u4ee5\u76f4\u63a5\u53bb\u6389\u5168\u90e8 html \u6807\u7b7e\r\n\r\n\u4e00\u53e5\u8bdd\uff0cphp \u4e13\u4e3a web \u800c\u751f \u9999", "content_rendered": "sql \u6ce8\u5165\u5c31\u4e0d\u8bf4\u4e86 1l \u65b9\u6848\u5b8c\u5168\u6ca1\u95ee\u9898

\u81f3\u4e8e xss php \u6709\u5185\u7f6e\u51fd\u6570\uff0c\u76f4\u63a5\u8f6c\u6362\u6240\u6709 html \u6807\u7b7e\u4e3a\u5b9e\u4f53\u6807\u7b7e\uff0c\u4e5f\u53ef\u4ee5\u76f4\u63a5\u53bb\u6389\u5168\u90e8 html \u6807\u7b7e

\u4e00\u53e5\u8bdd\uff0cphp \u4e13\u4e3a web \u800c\u751f \u9999", "last_modified": 1587712948, "member_id": 267409, "id": 8874664}, {"member": {"id": 438369, "username": "Leon6868", "url": "u/Leon6868", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "\u2611 LLM |\u2611 CSS | \u2611 All In Web \u8df5\u884c\u8005", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/14ed/48e6/438369_mini.png?m=1748955348", "avatar_normal": "https://cdn.v2ex.com/avatar/14ed/48e6/438369_normal.png?m=1748955348", "avatar_large": "https://cdn.v2ex.com/avatar/14ed/48e6/438369_large.png?m=1748955348", "created": 1566961594, "last_modified": 1748955348, "pro": 0}, "created": 1587712986, "topic_id": 665687, "content": "\u524d\u7aef\u57fa\u672c\u9632\u4e0d\u4f4f\r\n\u4f60\u8981\u540e\u7aef\u5904\u7406\u624d\u884c", "content_rendered": "\u524d\u7aef\u57fa\u672c\u9632\u4e0d\u4f4f
\u4f60\u8981\u540e\u7aef\u5904\u7406\u624d\u884c", "last_modified": 1587712986, "member_id": 438369, "id": 8874672}, {"member": {"id": 415526, "username": "tctc4869", "url": "u/tctc4869", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_mini.png?m=1635391445", "avatar_normal": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_normal.png?m=1635391445", "avatar_large": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_large.png?m=1635391445", "created": 1558768286, "last_modified": 1635391445, "pro": 0}, "created": 1587713107, "topic_id": 665687, "content": "@MOETAN0 \u6211\u7684\u540e\u7aef\u4e0d\u662f\u4e0d\u5904\u7406\uff0c\u800c\u662f\u5904\u7406\u6bd4\u8f83\u7b80\u5355\u7c97\u66b4\uff0c\u5728\u540e\u7aef\uff0c\u628a\u68c0\u6d4b\u5230\u5e26\u6709\u7684\u975e\u6cd5\u5b57\u7b26\u7684\u8bf7\u6c42\u8fd4\u56de\u4e2a 404,403 \u4e4b\u7c7b\u7684\u9519\u8bef\u7801\uff0c\u628a\u522b\u6709\u7528\u5fc3\u7684\u6784\u9020\u8bf7\u6c42\u7684\u653b\u51fb\u8005\u6321\u5728\u5916\u9762\u3002", "content_rendered": "@MOETAN0 \u6211\u7684\u540e\u7aef\u4e0d\u662f\u4e0d\u5904\u7406\uff0c\u800c\u662f\u5904\u7406\u6bd4\u8f83\u7b80\u5355\u7c97\u66b4\uff0c\u5728\u540e\u7aef\uff0c\u628a\u68c0\u6d4b\u5230\u5e26\u6709\u7684\u975e\u6cd5\u5b57\u7b26\u7684\u8bf7\u6c42\u8fd4\u56de\u4e2a 404,403 \u4e4b\u7c7b\u7684\u9519\u8bef\u7801\uff0c\u628a\u522b\u6709\u7528\u5fc3\u7684\u6784\u9020\u8bf7\u6c42\u7684\u653b\u51fb\u8005\u6321\u5728\u5916\u9762\u3002", "last_modified": 1587713107, "member_id": 415526, "id": 8874689}, {"member": {"id": 415526, "username": "tctc4869", "url": "u/tctc4869", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_mini.png?m=1635391445", "avatar_normal": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_normal.png?m=1635391445", "avatar_large": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_large.png?m=1635391445", "created": 1558768286, "last_modified": 1635391445, "pro": 0}, "created": 1587713334, "topic_id": 665687, "content": "@Leon6868 \u770b\u6e05\u695a\u554a\uff0c\u6211\u5e76\u4e0d\u662f\u8bf4\u540e\u7aef\u4e0d\u5904\u7406\uff0c\u53ea\u662f\u524d\u7aef\u5df2\u7ecf\u8fc7\u6ee4\u4e86\uff0c\u5c31\u4ee3\u8868\u5df2\u7ecf\u662f\u5b89\u5168\u7684\u4e86\uff0c\u6ca1\u6709\u5fc5\u8981\u5728\u540e\u7aef\u518d\u6765\u4e00\u6b21\u8fc7\u6ee4\uff0c\u800c\u540e\u7aef\u5904\u7406\u5c31\u6bd4\u8f83\u7b80\u5355\uff0c\u4e0d\u7528\u641e\u8fc7\u6ee4\u7b49\u64cd\u4f5c\uff0c\u628a\u68c0\u6d4b\u5230\u975e\u6cd5\u5b57\u7b26\u7684\u8bf7\u6c42\u8fd4\u56de\u4e2a\u5982 404 \u9519\u8bef\u6216\u65e0\u7528\u7684\u4fe1\u606f\u7ed9\u653b\u51fb\u8005\u3002", "content_rendered": "@Leon6868 \u770b\u6e05\u695a\u554a\uff0c\u6211\u5e76\u4e0d\u662f\u8bf4\u540e\u7aef\u4e0d\u5904\u7406\uff0c\u53ea\u662f\u524d\u7aef\u5df2\u7ecf\u8fc7\u6ee4\u4e86\uff0c\u5c31\u4ee3\u8868\u5df2\u7ecf\u662f\u5b89\u5168\u7684\u4e86\uff0c\u6ca1\u6709\u5fc5\u8981\u5728\u540e\u7aef\u518d\u6765\u4e00\u6b21\u8fc7\u6ee4\uff0c\u800c\u540e\u7aef\u5904\u7406\u5c31\u6bd4\u8f83\u7b80\u5355\uff0c\u4e0d\u7528\u641e\u8fc7\u6ee4\u7b49\u64cd\u4f5c\uff0c\u628a\u68c0\u6d4b\u5230\u975e\u6cd5\u5b57\u7b26\u7684\u8bf7\u6c42\u8fd4\u56de\u4e2a\u5982 404 \u9519\u8bef\u6216\u65e0\u7528\u7684\u4fe1\u606f\u7ed9\u653b\u51fb\u8005\u3002", "last_modified": 1587713334, "member_id": 415526, "id": 8874715}, {"member": {"id": 221715, "username": "moonlord", "url": "u/moonlord", "website": null, "twitter": "", "psn": "", "github": "MoonLord-LM", "btc": "", "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=73&d=retro", "created": 1489829165, "last_modified": 1489829165, "pro": 0}, "created": 1587713343, "topic_id": 665687, "content": "SQL \u6ce8\u5165\u7684\u4e00\u52b3\u6c38\u9038\uff0c\u5c31\u662f \u4e0d\u786c\u62fc SQL\uff0c\u53ea\u7528 prepared statement\uff0c\u53c2\u6570\u548c\u8bed\u53e5\u5206\u79bb\u5f00\r\n\r\nXSS \u6ce8\u5165\u7684\u4e00\u52b3\u6c38\u9038\uff0c\u5c31\u662f \u4e0d\u64cd\u4f5c html\uff0c\u53ea\u64cd\u4f5c txt\r\n\u8ba4\u4e3a \u7528\u6237\u8f93\u5165\u3001\u540e\u7aef\u8fd4\u56de \u7684\u6570\u636e\u5fc5\u987b\u662f\u6587\u672c\uff0c\u800c\u4e0d\u662f\u7f51\u9875\u7684\u4e00\u90e8\u5206\r\n\u4e5f\u5c31\u662f\u4e0d\u7528 JS \u7684 innerHTML, jQuery \u7684 html()\r\n\u53ea\u7528 JS \u7684 innerText (IE) \u548c textContent (Firefox), jQuery \u7684 text()\uff0c\u6bdb\u7684\u6ce8\u5165\u90fd\u4e0d\u5b58\u5728\u4e86\r\n\r\n\u5176\u4f59\u6240\u6709\u4ec0\u4e48 \u68c0\u9a8c\u3001\u8f6c\u7801 \u90fd\u662f\u8fa3\u9e21\u65b9\u6cd5\uff0c\u8fc7\u65f6\u7684\uff0c\u8bef\u5bfc\u65b0\u4eba\u7684\r\n\u6211\u5c31\u60f3\u7528'\r\n \r\n \r\n \r\n\u770b\u6e05\u695a\u4e86\uff0c\u522b\u544a\u8bc9\u6211\u4f60\u770b\u4e0d\u61c2\u3002", "content_rendered": "@moonlord \u5c31\u4f60\u8fd9\u6280\u672f\u8fd8\u5f00\u535a\u5ba2\uff0c\u76f4\u63a5\u7ed9\u4f60\u4e00\u6bb5\u4ee3\u7801\u6253\u4f60\u8138\u3002
\u4f60\u662f\u8bf4\u53ea\u9700\u8981\u7528 innerText \u5c31\u53ef\u4ee5\u9632\u662f\u5427\uff1f
<html>
<body>
<p id=\"test\">hello world </p>
<script>
var cOntent= document.getElementById(\"test\");
content.innerText='</script><script>alert(11);</script>'
</script>
</body>
</html>
\u770b\u6e05\u695a\u4e86\uff0c\u522b\u544a\u8bc9\u6211\u4f60\u770b\u4e0d\u61c2\u3002", "last_modified": 1587715267, "member_id": 446598, "id": 8874943}, {"member": {"id": 55793, "username": "TangMonk", "url": "u/TangMonk", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/c5f1/ae9e/55793_mini.png?m=1644466105", "avatar_normal": "https://cdn.v2ex.com/avatar/c5f1/ae9e/55793_normal.png?m=1644466105", "avatar_large": "https://cdn.v2ex.com/avatar/c5f1/ae9e/55793_large.png?m=1644466105", "avatar_xlarge": "https://cdn.v2ex.com/avatar/c5f1/ae9e/55793_xlarge.png?m=1644466105", "avatar_xxlarge": "https://cdn.v2ex.com/avatar/c5f1/ae9e/55793_xxlarge.png?m=1644466105", "created": 1392206286, "last_modified": 1644466105, "pro": 0}, "created": 1587715301, "topic_id": 665687, "content": "@livid\uff0c \u8fd9\u4e2a\u4eba\u8bf4\u8bdd\u4e5f\u592a\u4e0d\u53cb\u597d\u4e86", "content_rendered": "@livid\uff0c \u8fd9\u4e2a\u4eba\u8bf4\u8bdd\u4e5f\u592a\u4e0d\u53cb\u597d\u4e86", "last_modified": 1587715301, "member_id": 55793, "id": 8874946}, {"member": {"id": 55793, "username": "TangMonk", "url": "u/TangMonk", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/c5f1/ae9e/55793_mini.png?m=1644466105", "avatar_normal": "https://cdn.v2ex.com/avatar/c5f1/ae9e/55793_normal.png?m=1644466105", "avatar_large": "https://cdn.v2ex.com/avatar/c5f1/ae9e/55793_large.png?m=1644466105", "avatar_xlarge": "https://cdn.v2ex.com/avatar/c5f1/ae9e/55793_xlarge.png?m=1644466105", "avatar_xxlarge": "https://cdn.v2ex.com/avatar/c5f1/ae9e/55793_xxlarge.png?m=1644466105", "created": 1392206286, "last_modified": 1644466105, "pro": 0}, "created": 1587715313, "topic_id": 665687, "content": "@TangMonk #29 moonlord", "content_rendered": "@TangMonk #29 moonlord", "last_modified": 1587715313, "member_id": 55793, "id": 8874948}, {"member": {"id": 446598, "username": "fancy111", "url": "u/fancy111", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_mini.png?m=1575423207", "avatar_normal": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_normal.png?m=1575423207", "avatar_large": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_large.png?m=1575423207", "created": 1571023123, "last_modified": 1575423207, "pro": 0}, "created": 1587715434, "topic_id": 665687, "content": "@whoami9894 \u6ca1\u529e\u6cd5\uff0c\u6211\u51fa\u9762\u6253\u4ed6\u8138\u3002", "content_rendered": "@whoami9894 \u6ca1\u529e\u6cd5\uff0c\u6211\u51fa\u9762\u6253\u4ed6\u8138\u3002", "last_modified": 1587715434, "member_id": 446598, "id": 8874959}, {"member": {"id": 221715, "username": "moonlord", "url": "u/moonlord", "website": null, "twitter": "", "psn": "", "github": "MoonLord-LM", "btc": "", "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=73&d=retro", "created": 1489829165, "last_modified": 1489829165, "pro": 0}, "created": 1587715643, "topic_id": 665687, "content": "@fancy111 \r\n\r\n\u4f60\u90fd\u7ed9\u7237\u6574\u7b11\u4e86\uff01\r\n\u4f60\u5199\u4e86\u4e2a HTML\uff0c\u91cc\u9762\u5c31\u662f \uff0c\u5b8c\u4e86\u5f39\u51fa\u6765\u4e86\uff0c\u6240\u4ee5\u5462\uff1f\r\n\u4f60\u5728\u9017\u6211\u5417\uff1f\r\n\u6d4f\u89c8\u5668\u90fd\u62a5\u9519\u4e86 Uncaught SyntaxError: Invalid or unexpected token\r\n\u4f60\u8fd9\u6839\u672c\u90fd\u4e0d\u7b26\u5408 JS \u8bed\u6cd5\uff0c\u4f60\u662f\u6765\u641e\u7b11\u7684\u5417\uff1f\r\n\r\n\u6765\u6211\u5bf9\u9f50\u7ed9\u4f60\uff1a\r\n\r\n\r\n

hello world

\r\n\r\n'\r\n\r\n\r\n", "content_rendered": "@fancy111

\u4f60\u90fd\u7ed9\u7237\u6574\u7b11\u4e86\uff01
\u4f60\u5199\u4e86\u4e2a HTML\uff0c\u91cc\u9762\u5c31\u662f <script>alert(11);</script>\uff0c\u5b8c\u4e86\u5f39\u51fa\u6765\u4e86\uff0c\u6240\u4ee5\u5462\uff1f
\u4f60\u5728\u9017\u6211\u5417\uff1f
\u6d4f\u89c8\u5668\u90fd\u62a5\u9519\u4e86 Uncaught SyntaxError: Invalid or unexpected token
\u4f60\u8fd9\u6839\u672c\u90fd\u4e0d\u7b26\u5408 JS \u8bed\u6cd5\uff0c\u4f60\u662f\u6765\u641e\u7b11\u7684\u5417\uff1f

\u6765\u6211\u5bf9\u9f50\u7ed9\u4f60\uff1a
<html>
<body>
<p id=\"test\">hello world </p>
<script>
var cOntent= document.getElementById(\"test\");
content.innerText='
</script>
<script>
alert(11);
</script>'
</script>
</body>
</html>", "last_modified": 1587715643, "member_id": 221715, "id": 8874980}, {"member": {"id": 446598, "username": "fancy111", "url": "u/fancy111", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_mini.png?m=1575423207", "avatar_normal": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_normal.png?m=1575423207", "avatar_large": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_large.png?m=1575423207", "created": 1571023123, "last_modified": 1575423207, "pro": 0}, "created": 1587715720, "topic_id": 665687, "content": "@moonlord XSS \u9700\u8981\u7b26\u5408\u8bed\u6cd5\u3002\u3002\u3002\u3002 \u54c8\u54c8\u54c8 \r\n\u6211\u6ca1\u7a7a\u8ddf\u4f60\u778e\u626f\u4e86\u3002 \u522b\u4eba\u770b\u4e86\u4f1a\u66ff\u6211\u603c\u4f60\u7684", "content_rendered": "@moonlord XSS \u9700\u8981\u7b26\u5408\u8bed\u6cd5\u3002\u3002\u3002\u3002 \u54c8\u54c8\u54c8
\u6211\u6ca1\u7a7a\u8ddf\u4f60\u778e\u626f\u4e86\u3002 \u522b\u4eba\u770b\u4e86\u4f1a\u66ff\u6211\u603c\u4f60\u7684", "last_modified": 1587715720, "member_id": 446598, "id": 8874990}, {"member": {"id": 282705, "username": "whoami9894", "url": "u/whoami9894", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/98db/b7ad/282705_mini.png?m=1583073579", "avatar_normal": "https://cdn.v2ex.com/avatar/98db/b7ad/282705_normal.png?m=1583073579", "avatar_large": "https://cdn.v2ex.com/avatar/98db/b7ad/282705_large.png?m=1583073579", "created": 1515941292, "last_modified": 1583073579, "pro": 0}, "created": 1587715761, "topic_id": 665687, "content": "@fancy111 \r\n\u867d\u7136\u6211\u5f88\u60f3\u633a\u4f60\uff0c\u4f46\u4f60\u8fd9\u4e2a\u4f8b\u5b50\u786e\u5b9e\u4e0d\u5bf9\r\n\u6d4f\u89c8\u5668\u89e3\u6790 HTML \u65f6\u4f1a\u5148\u89e3\u6790 HTML\uff0c\u7136\u540e\u624d\u662f JS \u3002\u4e5f\u5c31\u662f\u8bf4\u4f60\u8fd9\u6bb5\u4ee3\u7801\u91cc`content.innerText=''`\u7684\u7b2c\u4e00\u4e2a``\u5728 HTML \u89e3\u6790\u9636\u6bb5\u88ab\u5f53\u505a script \u95ed\u5408\u6807\u7b7e\u4e86\r\n\r\n\u6240\u4ee5\u8fd9\u6bb5\u4ee3\u7801\u88ab\u4ea4\u7ed9 JS \u5f15\u64ce\u89e3\u6790\u65f6\u662f\u8fd9\u6837\u7684 \r\n\r\n\r\n", "content_rendered": "@fancy111
\u867d\u7136\u6211\u5f88\u60f3\u633a\u4f60\uff0c\u4f46\u4f60\u8fd9\u4e2a\u4f8b\u5b50\u786e\u5b9e\u4e0d\u5bf9
\u6d4f\u89c8\u5668\u89e3\u6790 HTML \u65f6\u4f1a\u5148\u89e3\u6790 HTML\uff0c\u7136\u540e\u624d\u662f JS \u3002\u4e5f\u5c31\u662f\u8bf4\u4f60\u8fd9\u6bb5\u4ee3\u7801\u91cc`content.innerText='</script><script>alert(11);</script>'`\u7684\u7b2c\u4e00\u4e2a`</script>`\u5728 HTML \u89e3\u6790\u9636\u6bb5\u88ab\u5f53\u505a script \u95ed\u5408\u6807\u7b7e\u4e86

\u6240\u4ee5\u8fd9\u6bb5\u4ee3\u7801\u88ab\u4ea4\u7ed9 JS \u5f15\u64ce\u89e3\u6790\u65f6\u662f\u8fd9\u6837\u7684
<script>
var cOntent= document.getElementById(\"test\");
content.innerText='
</script>

<script>
alert(11);
</script>", "last_modified": 1587715761, "member_id": 282705, "id": 8874997}, {"member": {"id": 446598, "username": "fancy111", "url": "u/fancy111", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_mini.png?m=1575423207", "avatar_normal": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_normal.png?m=1575423207", "avatar_large": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_large.png?m=1575423207", "created": 1571023123, "last_modified": 1575423207, "pro": 0}, "created": 1587715830, "topic_id": 665687, "content": "@moonlord \u53e6\u5916 \u4f60\u8981\u7b26\u5408\u8bed\u6cd5\uff0c\u524d\u9762\u52a0\u4e2a\u5206\u53f7\u5c31\u884c\u4e86\u3002 \r\n \u6211\u771f\u7684\u4e0d\u60f3\u603c\u4f60\uff0c\u6280\u672f\u4e0d\u884c\u4e0d\u8981\u592a\u81ea\u4fe1\u3002\u5f88\u5bb9\u6613\u88ab\u6253\u8138\uff01", "content_rendered": "@moonlord \u53e6\u5916 \u4f60\u8981\u7b26\u5408\u8bed\u6cd5\uff0c\u524d\u9762\u52a0\u4e2a\u5206\u53f7\u5c31\u884c\u4e86\u3002
\u6211\u771f\u7684\u4e0d\u60f3\u603c\u4f60\uff0c\u6280\u672f\u4e0d\u884c\u4e0d\u8981\u592a\u81ea\u4fe1\u3002\u5f88\u5bb9\u6613\u88ab\u6253\u8138\uff01", "last_modified": 1587715830, "member_id": 446598, "id": 8875002}, {"member": {"id": 136676, "username": "wooyuntest", "url": "u/wooyuntest", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/58ef51e4cf011251842d8c33e906a5eb?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/58ef51e4cf011251842d8c33e906a5eb?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/58ef51e4cf011251842d8c33e906a5eb?s=73&d=retro", "created": 1441277686, "last_modified": 1498719303, "pro": 0}, "created": 1587715881, "topic_id": 665687, "content": "\u4e0d\u80fd\uff0c\u540e\u7aef\u5fc5\u987b\u53c2\u4e0e\u5904\u7406\u3002\u5176\u5b9e\u65e0\u8bba\u662f\u524d\u7aef\u8fd8\u662f\u540e\u7aef\uff0c\u63a5\u6536\u5230\u6570\u636e\u540e\u90fd\u9700\u8981\u8fdb\u884c\u5fc5\u8981\u7684\u6821\u9a8c\u624d\u80fd\u5230\u4e0b\u4e00\u6b65\u6d41\u7a0b\uff0c\u5305\u62ec\u540e\u7aef\u4ece\u6570\u636e\u5e93\u91cc\u53d6\u51fa\u6765\u7684\u6570\u636e\uff0c\u90fd\u8981\u6821\u9a8c\u3001\u8fc7\u6ee4\u3001\u5904\u7406\u540e\u624d\u80fd\u8fdb\u5230\u4e0b\u4e00\u6b65\u6d41\u7a0b\uff0c\u5426\u5219\u4f1a\u5f15\u8d77\u201c\u4e8c\u6b21\u6ce8\u5165\u201d\u7b49\u95ee\u9898\u3002\r\n\u603b\u7ed3\u4e0b\u6765\u5c31\u662f\uff1aDO NOT Trust, Always Verify.", "content_rendered": "\u4e0d\u80fd\uff0c\u540e\u7aef\u5fc5\u987b\u53c2\u4e0e\u5904\u7406\u3002\u5176\u5b9e\u65e0\u8bba\u662f\u524d\u7aef\u8fd8\u662f\u540e\u7aef\uff0c\u63a5\u6536\u5230\u6570\u636e\u540e\u90fd\u9700\u8981\u8fdb\u884c\u5fc5\u8981\u7684\u6821\u9a8c\u624d\u80fd\u5230\u4e0b\u4e00\u6b65\u6d41\u7a0b\uff0c\u5305\u62ec\u540e\u7aef\u4ece\u6570\u636e\u5e93\u91cc\u53d6\u51fa\u6765\u7684\u6570\u636e\uff0c\u90fd\u8981\u6821\u9a8c\u3001\u8fc7\u6ee4\u3001\u5904\u7406\u540e\u624d\u80fd\u8fdb\u5230\u4e0b\u4e00\u6b65\u6d41\u7a0b\uff0c\u5426\u5219\u4f1a\u5f15\u8d77\u201c\u4e8c\u6b21\u6ce8\u5165\u201d\u7b49\u95ee\u9898\u3002
\u603b\u7ed3\u4e0b\u6765\u5c31\u662f\uff1aDO NOT Trust, Always Verify.", "last_modified": 1587715881, "member_id": 136676, "id": 8875008}, {"member": {"id": 446598, "username": "fancy111", "url": "u/fancy111", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_mini.png?m=1575423207", "avatar_normal": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_normal.png?m=1575423207", "avatar_large": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_large.png?m=1575423207", "created": 1571023123, "last_modified": 1575423207, "pro": 0}, "created": 1587715920, "topic_id": 665687, "content": "@whoami9894 \u4f60\u771f\u662f\u50bb\u3002 \u4e0d\u62a5\u9519\u7684\u6211\u5df2\u7ecf\u8bf4\u4e86\uff0c\u53e6\u5916\u73a9 XSS \u6216\u8005\u5176\u4ed6\u6ce8\u5165\uff0c\u4e0d\u7528\u8003\u8651\u4ec0\u4e48\u62a5\u9519\uff0c\u62a5\u9519\u80fd\u8fd0\u884c\u5c31\u662f\u6700\u597d\u7684\u3002 \u4e00\u770b\u4f60\u4eec\u5c31\u662f\u5c0f\u767d\uff0c\u641e\u8fc7\u9ed1\u5ba2\u5417\uff1f \u5509\u3002\u3002\u3002\u3002 \u7d2f", "content_rendered": "@whoami9894 \u4f60\u771f\u662f\u50bb\u3002 \u4e0d\u62a5\u9519\u7684\u6211\u5df2\u7ecf\u8bf4\u4e86\uff0c\u53e6\u5916\u73a9 XSS \u6216\u8005\u5176\u4ed6\u6ce8\u5165\uff0c\u4e0d\u7528\u8003\u8651\u4ec0\u4e48\u62a5\u9519\uff0c\u62a5\u9519\u80fd\u8fd0\u884c\u5c31\u662f\u6700\u597d\u7684\u3002 \u4e00\u770b\u4f60\u4eec\u5c31\u662f\u5c0f\u767d\uff0c\u641e\u8fc7\u9ed1\u5ba2\u5417\uff1f \u5509\u3002\u3002\u3002\u3002 \u7d2f", "last_modified": 1587715920, "member_id": 446598, "id": 8875011}, {"member": {"id": 282705, "username": "whoami9894", "url": "u/whoami9894", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/98db/b7ad/282705_mini.png?m=1583073579", "avatar_normal": "https://cdn.v2ex.com/avatar/98db/b7ad/282705_normal.png?m=1583073579", "avatar_large": "https://cdn.v2ex.com/avatar/98db/b7ad/282705_large.png?m=1583073579", "created": 1515941292, "last_modified": 1583073579, "pro": 0}, "created": 1587716109, "topic_id": 665687, "content": "@fancy111 \u4ed6\u7684\u610f\u601d\u662f\u524d\u7aef JS \u64cd\u7eb5\u6570\u636e\u65f6\u7528 innerText\uff0c\u4f60\u8fd9\u79cd\u60c5\u51b5\u662f\u540e\u7aef\u76f4\u63a5\u6e32\u67d3 HTML\uff0c\u6240\u4ee5\u5b9e\u9645\u4e0d\u80fd\u53cd\u9a73\u4ed6\u5bf9\u4e8e\u524d\u7aef\u64cd\u7eb5\u6570\u636e\u7684\u8bf4\u6cd5\r\n\r\n\r\n@moonlord \r\n\u4f7f\u7528 innerText \u7b49\u505a\u6cd5\u90fd\u662f\u5728\u524d\u540e\u7aef\u5206\u79bb\uff0c\u524d\u7aef JS \u64cd\u7eb5\u6570\u636e\u7684\u524d\u63d0\u4e0b\uff0c\u540e\u7aef\u76f4\u63a5\u6e32\u67d3 HTML \u8fd4\u56de\u4f60\u76f4\u63a5\u907f\u8fc7\u4e0d\u63d0\uff1f\u6ca1\u4ec0\u4e48\u597d\u6760\u7684\r\n\r\n@neoblackcap \r\n\u786e\u5b9e\u3002\u6211\u7684\u610f\u601d\u7684\u662f\u603b\u6709\u4e00\u4e9b\u590d\u6742\u7684\u4e1a\u52a1\u573a\u666f\uff0c\u6240\u4ee5\u60f3\u5bfb\u6c42\u4e00\u52b3\u6c38\u9038\u7684\u89e3\u51b3\u65b9\u5f0f\u662f\u4e0d\u592a\u73b0\u5b9e\u7684", "content_rendered": "@fancy111 \u4ed6\u7684\u610f\u601d\u662f\u524d\u7aef JS \u64cd\u7eb5\u6570\u636e\u65f6\u7528 innerText\uff0c\u4f60\u8fd9\u79cd\u60c5\u51b5\u662f\u540e\u7aef\u76f4\u63a5\u6e32\u67d3 HTML\uff0c\u6240\u4ee5\u5b9e\u9645\u4e0d\u80fd\u53cd\u9a73\u4ed6\u5bf9\u4e8e\u524d\u7aef\u64cd\u7eb5\u6570\u636e\u7684\u8bf4\u6cd5

@moonlord
\u4f7f\u7528 innerText \u7b49\u505a\u6cd5\u90fd\u662f\u5728\u524d\u540e\u7aef\u5206\u79bb\uff0c\u524d\u7aef JS \u64cd\u7eb5\u6570\u636e\u7684\u524d\u63d0\u4e0b\uff0c\u540e\u7aef\u76f4\u63a5\u6e32\u67d3 HTML \u8fd4\u56de\u4f60\u76f4\u63a5\u907f\u8fc7\u4e0d\u63d0\uff1f\u6ca1\u4ec0\u4e48\u597d\u6760\u7684

@neoblackcap
\u786e\u5b9e\u3002\u6211\u7684\u610f\u601d\u7684\u662f\u603b\u6709\u4e00\u4e9b\u590d\u6742\u7684\u4e1a\u52a1\u573a\u666f\uff0c\u6240\u4ee5\u60f3\u5bfb\u6c42\u4e00\u52b3\u6c38\u9038\u7684\u89e3\u51b3\u65b9\u5f0f\u662f\u4e0d\u592a\u73b0\u5b9e\u7684", "last_modified": 1587716109, "member_id": 282705, "id": 8875038}, {"member": {"id": 221715, "username": "moonlord", "url": "u/moonlord", "website": null, "twitter": "", "psn": "", "github": "MoonLord-LM", "btc": "", "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=73&d=retro", "created": 1489829165, "last_modified": 1489829165, "pro": 0}, "created": 1587716197, "topic_id": 665687, "content": "@wooyuntest @fancy111 \r\n\u4e00\u77e5\u534a\u89e3\u592a\u53ef\u6015\u4e86\r\n\u4f60\u96be\u9053\u6ca1\u6ce8\u610f\u5230\u6211\u5199\u7684 \r\n\u73b0\u5728\u5728 v2ex\uff0c\u5c31\u662f\u539f\u5c01\u4e0d\u52a8\u663e\u793a\u7684\u5417\uff1f\r\n\u8fd8\u5728\u8bf4\u4ec0\u4e48\u68c0\u9a8c\u3001\u7f16\u7801\u3001\u8fc7\u6ee4\uff0c\u6211\u670d\u4e86\u3002\r\n\u770b\u770b 10 \u697c\uff0c\u597d\u5417\uff0c\u4eb2\uff1f", "content_rendered": "@wooyuntest @fancy111
\u4e00\u77e5\u534a\u89e3\u592a\u53ef\u6015\u4e86
\u4f60\u96be\u9053\u6ca1\u6ce8\u610f\u5230\u6211\u5199\u7684 <script>alert(\"\u83dc\u9e21\u4e0d\u8981\u8bf4\u8bdd\");</script>
\u73b0\u5728\u5728 v2ex\uff0c\u5c31\u662f\u539f\u5c01\u4e0d\u52a8\u663e\u793a\u7684\u5417\uff1f
\u8fd8\u5728\u8bf4\u4ec0\u4e48\u68c0\u9a8c\u3001\u7f16\u7801\u3001\u8fc7\u6ee4\uff0c\u6211\u670d\u4e86\u3002
\u770b\u770b 10 \u697c\uff0c\u597d\u5417\uff0c\u4eb2\uff1f", "last_modified": 1587716197, "member_id": 221715, "id": 8875045}, {"member": {"id": 282705, "username": "whoami9894", "url": "u/whoami9894", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/98db/b7ad/282705_mini.png?m=1583073579", "avatar_normal": "https://cdn.v2ex.com/avatar/98db/b7ad/282705_normal.png?m=1583073579", "avatar_large": "https://cdn.v2ex.com/avatar/98db/b7ad/282705_large.png?m=1583073579", "created": 1515941292, "last_modified": 1583073579, "pro": 0}, "created": 1587716264, "topic_id": 665687, "content": "@fancy111 \r\n@moonlord \r\n\u679c\u7136\u6211\u5c31\u4e0d\u8be5\u56de\u590d\u4f60\u4eec\uff0c\u4f60\u4fe9\u662f\u4e00\u7c7b\u4eba\u3002\u5148\u6253\u7262\u57fa\u7840\u5427\uff0c\u54ea\u6765\u7684\u4e00\u80a1\u871c\u6c41\u81ea\u4fe1", "content_rendered": "@fancy111
@moonlord
\u679c\u7136\u6211\u5c31\u4e0d\u8be5\u56de\u590d\u4f60\u4eec\uff0c\u4f60\u4fe9\u662f\u4e00\u7c7b\u4eba\u3002\u5148\u6253\u7262\u57fa\u7840\u5427\uff0c\u54ea\u6765\u7684\u4e00\u80a1\u871c\u6c41\u81ea\u4fe1", "last_modified": 1587716264, "member_id": 282705, "id": 8875054}, {"member": {"id": 446598, "username": "fancy111", "url": "u/fancy111", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_mini.png?m=1575423207", "avatar_normal": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_normal.png?m=1575423207", "avatar_large": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_large.png?m=1575423207", "created": 1571023123, "last_modified": 1575423207, "pro": 0}, "created": 1587716318, "topic_id": 665687, "content": "@whoami9894 \u8bf4\u5b9e\u8bdd\uff0c\u7ed9\u4f60\u4eec\u89e3\u91ca\u6211\u5f88\u7d2f\u3002\u3002\u3002 \r\n\u4f60\u6570\u636e\u662f json \u7684\u5427\uff1f text \u662f' \uff0c\u4f60\u628a\u8fd9\u4e2a\u7528 innerText \u663e\u793a\u51fa\u6765\uff0c\u4e0d\u662f\u6ce8\u5165\u4e86\u5417\uff1f\r\n\u8fd8\u4ed6\u7684\u610f\u601d\u662f\u524d\u7aef JS \u64cd\u4f5c\u6570\u636e\u3002\u3002\u3002\u6ca1\u540e\u7aef\u5904\u7406\u4f60\u80fd\u64cd\u4f5c\u5565\u554a\uff1f", "content_rendered": "@whoami9894 \u8bf4\u5b9e\u8bdd\uff0c\u7ed9\u4f60\u4eec\u89e3\u91ca\u6211\u5f88\u7d2f\u3002\u3002\u3002
\u4f60\u6570\u636e\u662f json \u7684\u5427\uff1f text \u662f'</script><script>alert(11);</script> \uff0c\u4f60\u628a\u8fd9\u4e2a\u7528 innerText \u663e\u793a\u51fa\u6765\uff0c\u4e0d\u662f\u6ce8\u5165\u4e86\u5417\uff1f
\u8fd8\u4ed6\u7684\u610f\u601d\u662f\u524d\u7aef JS \u64cd\u4f5c\u6570\u636e\u3002\u3002\u3002\u6ca1\u540e\u7aef\u5904\u7406\u4f60\u80fd\u64cd\u4f5c\u5565\u554a\uff1f", "last_modified": 1587716318, "member_id": 446598, "id": 8875064}, {"member": {"id": 221715, "username": "moonlord", "url": "u/moonlord", "website": null, "twitter": "", "psn": "", "github": "MoonLord-LM", "btc": "", "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=73&d=retro", "created": 1489829165, "last_modified": 1489829165, "pro": 0}, "created": 1587716330, "topic_id": 665687, "content": "@whoami9894 \r\n9102 \u5e74\u90fd\u8fc7\u4e86\uff0c\u73b0\u5728 2020 \u5e74\u4e86\uff0c\u6211\u8fd9\u91cc\u53cd\u6b63\u53ea\u6709\u524d\u540e\u7aef\u5206\u79bb\u7684\u9879\u76ee", "content_rendered": "@whoami9894
9102 \u5e74\u90fd\u8fc7\u4e86\uff0c\u73b0\u5728 2020 \u5e74\u4e86\uff0c\u6211\u8fd9\u91cc\u53cd\u6b63\u53ea\u6709\u524d\u540e\u7aef\u5206\u79bb\u7684\u9879\u76ee", "last_modified": 1587716330, "member_id": 221715, "id": 8875066}, {"member": {"id": 446598, "username": "fancy111", "url": "u/fancy111", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_mini.png?m=1575423207", "avatar_normal": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_normal.png?m=1575423207", "avatar_large": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_large.png?m=1575423207", "created": 1571023123, "last_modified": 1575423207, "pro": 0}, "created": 1587716383, "topic_id": 665687, "content": "@moonlord \u54c8\u54c8 V2EX \u6ca1\u540e\u7aef\u5904\u7406\uff0c\u4f60\u771f\u662f\u9017\u3002 \r\n\u8981\u4e0d\u4f60\u7ed9\u4e2a\u7f51\u5740\u6765\u5427\uff0c\u76f4\u63a5\u7ed9\u4f60\u6f14\u793a\u3002", "content_rendered": "@moonlord \u54c8\u54c8 V2EX \u6ca1\u540e\u7aef\u5904\u7406\uff0c\u4f60\u771f\u662f\u9017\u3002
\u8981\u4e0d\u4f60\u7ed9\u4e2a\u7f51\u5740\u6765\u5427\uff0c\u76f4\u63a5\u7ed9\u4f60\u6f14\u793a\u3002", "last_modified": 1587716383, "member_id": 446598, "id": 8875077}, {"member": {"id": 221715, "username": "moonlord", "url": "u/moonlord", "website": null, "twitter": "", "psn": "", "github": "MoonLord-LM", "btc": "", "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=73&d=retro", "created": 1489829165, "last_modified": 1489829165, "pro": 0}, "created": 1587716415, "topic_id": 665687, "content": "@fancy111 \r\n\u4f60\u53ef\u4ee5\u8bd5\u8bd5\u4f60\u8bf4\u7684 \u201c\u4f60\u628a\u8fd9\u4e2a\u7528 innerText \u663e\u793a\u51fa\u6765\uff0c\u4e0d\u662f\u6ce8\u5165\u4e86\u5417\u201d\uff0c\u6839\u672c\u4e0d\u4f1a\u5f39\u51fa\u6765\r\n\u6211\u5199\u7684 \u5728\u8fd9\u91cc\uff0c\u73b0\u5728\u5c31\u662f innerText \u663e\u793a\u51fa\u6765\u7684\uff0c\u5f39\u4e86\u5417\uff1f", "content_rendered": "@fancy111
\u4f60\u53ef\u4ee5\u8bd5\u8bd5\u4f60\u8bf4\u7684 \u201c\u4f60\u628a\u8fd9\u4e2a\u7528 innerText \u663e\u793a\u51fa\u6765\uff0c\u4e0d\u662f\u6ce8\u5165\u4e86\u5417\u201d\uff0c\u6839\u672c\u4e0d\u4f1a\u5f39\u51fa\u6765
\u6211\u5199\u7684 <script>alert(\"\u83dc\u9e21\u4e0d\u8981\u8bf4\u8bdd\");</script> \u5728\u8fd9\u91cc\uff0c\u73b0\u5728\u5c31\u662f innerText \u663e\u793a\u51fa\u6765\u7684\uff0c\u5f39\u4e86\u5417\uff1f", "last_modified": 1587716415, "member_id": 221715, "id": 8875081}, {"member": {"id": 446598, "username": "fancy111", "url": "u/fancy111", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_mini.png?m=1575423207", "avatar_normal": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_normal.png?m=1575423207", "avatar_large": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_large.png?m=1575423207", "created": 1571023123, "last_modified": 1575423207, "pro": 0}, "created": 1587716556, "topic_id": 665687, "content": "@moonlord \u6211\u5df2\u7ecf\u4e0d\u60f3\u8bf4\u4e86\uff0c\u4e0d\u559c\u6b22 BB \u3002\u4f60\u8fde\u7f51\u9875\u57fa\u672c\u6d41\u7a0b\u90fd\u4e0d\u61c2\uff0c\u6211\u7ed9\u4f60\u626f\u4ec0\u4e48\u554a\u3002\u4f60\u5199\u7684", "content_rendered": "<script>alert(1)</script>", "last_modified": 1587717876, "member_id": 338509, "id": 8875282}, {"member": {"id": 221715, "username": "moonlord", "url": "u/moonlord", "website": null, "twitter": "", "psn": "", "github": "MoonLord-LM", "btc": "", "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=73&d=retro", "created": 1489829165, "last_modified": 1489829165, "pro": 0}, "created": 1587717896, "topic_id": 665687, "content": "@SilentDepth \r\n\uff1f\uff1f\uff1f \r\n\u6b63\u786e\u7b54\u6848\u770b 10 \u697c\u3002\r\n\u8f6c\u4e49\u6ca1\u8f6c\u4e49\uff0c\u53f3\u952e\u5ba1\u67e5\u770b\u4e0b\u4e0d\u5c31\u77e5\u9053\uff1f\uff1f\uff1f", "content_rendered": "@SilentDepth
\uff1f\uff1f\uff1f
\u6b63\u786e\u7b54\u6848\u770b 10 \u697c\u3002
\u8f6c\u4e49\u6ca1\u8f6c\u4e49\uff0c\u53f3\u952e\u5ba1\u67e5\u770b\u4e0b\u4e0d\u5c31\u77e5\u9053\uff1f\uff1f\uff1f", "last_modified": 1587717896, "member_id": 221715, "id": 8875289}, {"member": {"id": 221715, "username": "moonlord", "url": "u/moonlord", "website": null, "twitter": "", "psn": "", "github": "MoonLord-LM", "btc": "", "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=73&d=retro", "created": 1489829165, "last_modified": 1489829165, "pro": 0}, "created": 1587717968, "topic_id": 665687, "content": "@fancy111 \u7b11\u6b7b\u6211\u4e86\uff0c\u884c\u5427\u884c\u5427\uff0c\u4f60\u5c31\u5f53\u4ed6\u4eec\u540e\u7aef\u8fc7\u6ee4\u4e86\u4f60\u4e0d\u5b58\u5728\u7684\u5b57\u7b26\uff0c\u7136\u540e\u6700\u540e\u603b\u4e4b\u5c31\u6ca1\u6ce8\u5165\u6210\u529f\u5427\uff0c\u54c8\u54c8\u54c8", "content_rendered": "@fancy111 \u7b11\u6b7b\u6211\u4e86\uff0c\u884c\u5427\u884c\u5427\uff0c\u4f60\u5c31\u5f53\u4ed6\u4eec\u540e\u7aef\u8fc7\u6ee4\u4e86\u4f60\u4e0d\u5b58\u5728\u7684\u5b57\u7b26\uff0c\u7136\u540e\u6700\u540e\u603b\u4e4b\u5c31\u6ca1\u6ce8\u5165\u6210\u529f\u5427\uff0c\u54c8\u54c8\u54c8", "last_modified": 1587717968, "member_id": 221715, "id": 8875298}, {"member": {"id": 129339, "username": "SilentDepth", "url": "u/SilentDepth", "website": "", "twitter": "SilentDepthCN", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/371a61cc72efcd454db4efe3a850e7bb?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/371a61cc72efcd454db4efe3a850e7bb?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/371a61cc72efcd454db4efe3a850e7bb?s=73&d=retro", "created": 1438093159, "last_modified": 1678779245, "pro": 0}, "created": 1587718034, "topic_id": 665687, "content": "@moonlord #70 10 \u697c\u7684\u5185\u5bb9\u6211\u770b\u4e86\u554a\uff0c\u6240\u4ee5\u6211\u5728\u95ee\u5982\u679c\u6709\u6e32\u67d3\u7528\u6237 HTML \u8981\u600e\u4e48\u529e\u3002\u4ee5\u53ca\uff0c\u5927\u6982\u6211\u4eec\u5bf9\u8f6c\u4e49\u903b\u8f91\u7684\u7406\u89e3\u4e0d\u540c\uff0c\u6ca1\u8bf4\u5230\u4e00\u4ef6\u4e8b\u60c5\u4e0a\u3002", "content_rendered": "@moonlord #70 10 \u697c\u7684\u5185\u5bb9\u6211\u770b\u4e86\u554a\uff0c\u6240\u4ee5\u6211\u5728\u95ee\u5982\u679c\u6709\u6e32\u67d3\u7528\u6237 HTML \u8981\u600e\u4e48\u529e\u3002\u4ee5\u53ca\uff0c\u5927\u6982\u6211\u4eec\u5bf9\u8f6c\u4e49\u903b\u8f91\u7684\u7406\u89e3\u4e0d\u540c\uff0c\u6ca1\u8bf4\u5230\u4e00\u4ef6\u4e8b\u60c5\u4e0a\u3002", "last_modified": 1587718034, "member_id": 129339, "id": 8875307}, {"member": {"id": 221715, "username": "moonlord", "url": "u/moonlord", "website": null, "twitter": "", "psn": "", "github": "MoonLord-LM", "btc": "", "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=73&d=retro", "created": 1489829165, "last_modified": 1489829165, "pro": 0}, "created": 1587718046, "topic_id": 665687, "content": "@fancy111 \u600e\u4e48\uff0c\u770b\u4e0d\u8d77 V2EX \u5bb6\u7684\u8f93\u5165\u6846\uff1f\u975e\u8981\u522b\u4eba\u7ed9\u4f60\u73af\u5883\uff0c\u7b11\u6b7b\u6211\u4e86", "content_rendered": "@fancy111 \u600e\u4e48\uff0c\u770b\u4e0d\u8d77 V2EX \u5bb6\u7684\u8f93\u5165\u6846\uff1f\u975e\u8981\u522b\u4eba\u7ed9\u4f60\u73af\u5883\uff0c\u7b11\u6b7b\u6211\u4e86", "last_modified": 1587718046, "member_id": 221715, "id": 8875310}, {"member": {"id": 305749, "username": "lzuntalented", "url": "u/lzuntalented", "website": "www.lzuntalented.cn", "twitter": "", "psn": "", "github": "lzuntalented", "btc": "", "location": "Hang Zhou", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/3230/50c1/305749_mini.png?m=1648732540", "avatar_normal": "https://cdn.v2ex.com/avatar/3230/50c1/305749_normal.png?m=1648732540", "avatar_large": "https://cdn.v2ex.com/avatar/3230/50c1/305749_large.png?m=1648732540", "created": 1522746593, "last_modified": 1648732540, "pro": 0}, "created": 1587718259, "topic_id": 665687, "content": "@moonlord \u5bcc\u6587\u672c\u7684\u5904\u7406\u573a\u666f\u4f60\u6ca1\u8003\u8651\uff0c\u4e0d\u662f\u6240\u6709\u7684\u8f93\u51fa\u90fd\u662f\u5f53\u505a\u5b57\u7b26\u4f7f\u7528\u7684\uff0c\u5bcc\u6587\u672c\u4e2d\u56fe\u7247\u94fe\u63a5\u6807\u7b7e\u7b49\u90fd\u5b58\u5728\u7684", "content_rendered": "@moonlord \u5bcc\u6587\u672c\u7684\u5904\u7406\u573a\u666f\u4f60\u6ca1\u8003\u8651\uff0c\u4e0d\u662f\u6240\u6709\u7684\u8f93\u51fa\u90fd\u662f\u5f53\u505a\u5b57\u7b26\u4f7f\u7528\u7684\uff0c\u5bcc\u6587\u672c\u4e2d\u56fe\u7247\u94fe\u63a5\u6807\u7b7e\u7b49\u90fd\u5b58\u5728\u7684", "last_modified": 1587718259, "member_id": 305749, "id": 8875330}, {"member": {"id": 271649, "username": "skyRival", "url": "u/skyRival", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=73&d=retro", "created": 1512126547, "last_modified": 1587723332, "pro": 0}, "created": 1587718279, "topic_id": 665687, "content": "@fancy111 \u4f60\u53ef\u771f\u9017\u5144\u5f1f\uff0c\u6211\u4e00\u6478\u9c7c\u7684\u54ea\u6709\u529f\u592b\u53bb\u90e8\u7f72\uff0c\u5185\u7f51\u7a7f\u900f\u6211\u73b0\u5728\u4e5f\u6ca1\u6761\u4ef6\u3002\u4f60\u5c31\u4e0a\u4ee3\u7801\uff0c\u6211\u8fd9\u8fb9\u8dd1\u8d77\u6765\u5c31 OK\uff0c\u5927\u5bb6\u90fd\u53ef\u4ee5\u770b\u770b\u3002", "content_rendered": "@fancy111 \u4f60\u53ef\u771f\u9017\u5144\u5f1f\uff0c\u6211\u4e00\u6478\u9c7c\u7684\u54ea\u6709\u529f\u592b\u53bb\u90e8\u7f72\uff0c\u5185\u7f51\u7a7f\u900f\u6211\u73b0\u5728\u4e5f\u6ca1\u6761\u4ef6\u3002\u4f60\u5c31\u4e0a\u4ee3\u7801\uff0c\u6211\u8fd9\u8fb9\u8dd1\u8d77\u6765\u5c31 OK\uff0c\u5927\u5bb6\u90fd\u53ef\u4ee5\u770b\u770b\u3002", "last_modified": 1587718279, "member_id": 271649, "id": 8875333}, {"member": {"id": 446598, "username": "fancy111", "url": "u/fancy111", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_mini.png?m=1575423207", "avatar_normal": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_normal.png?m=1575423207", "avatar_large": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_large.png?m=1575423207", "created": 1571023123, "last_modified": 1575423207, "pro": 0}, "created": 1587718361, "topic_id": 665687, "content": "@skyRival \u54e6\uff0c\u90a3\u4f60\u4eec\u81ea\u5df1\u73a9\u5427\u3002", "content_rendered": "@skyRival \u54e6\uff0c\u90a3\u4f60\u4eec\u81ea\u5df1\u73a9\u5427\u3002", "last_modified": 1587718361, "member_id": 446598, "id": 8875345}, {"member": {"id": 271649, "username": "skyRival", "url": "u/skyRival", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=73&d=retro", "created": 1512126547, "last_modified": 1587723332, "pro": 0}, "created": 1587718504, "topic_id": 665687, "content": "@SilentDepth @lzuntalented \u6211\u4e4b\u524d\u505a\u7684\u7f51\u7ad9\u6ca1\u6709\u6e32\u67d3\u5bcc\u6587\u672c\u7684\u9700\u6c42\uff0c\u8fd9\u4e2a\u6211\u4e0d\u592a\u786e\u5b9a\uff0c\u6211\u7684\u60f3\u6cd5\u662f\u8f6c\u6210 markdown\uff0c\u7136\u540e\u5728\u524d\u7aef\u6e32\u67d3 markdown \u3002", "content_rendered": "@SilentDepth @lzuntalented \u6211\u4e4b\u524d\u505a\u7684\u7f51\u7ad9\u6ca1\u6709\u6e32\u67d3\u5bcc\u6587\u672c\u7684\u9700\u6c42\uff0c\u8fd9\u4e2a\u6211\u4e0d\u592a\u786e\u5b9a\uff0c\u6211\u7684\u60f3\u6cd5\u662f\u8f6c\u6210 markdown\uff0c\u7136\u540e\u5728\u524d\u7aef\u6e32\u67d3 markdown \u3002", "last_modified": 1587718504, "member_id": 271649, "id": 8875364}, {"member": {"id": 129339, "username": "SilentDepth", "url": "u/SilentDepth", "website": "", "twitter": "SilentDepthCN", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/371a61cc72efcd454db4efe3a850e7bb?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/371a61cc72efcd454db4efe3a850e7bb?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/371a61cc72efcd454db4efe3a850e7bb?s=73&d=retro", "created": 1438093159, "last_modified": 1678779245, "pro": 0}, "created": 1587718566, "topic_id": 665687, "content": "@moonlord \r\n\u6211\u6982\u62ec\u4e00\u4e0b\u4f60\u5728 #10 \u7684\u89c2\u70b9\uff1a\u5bf9\u4e8e\u7528\u6237\u8f93\u5165\u7684\u5185\u5bb9\uff0c\u4e00\u5f8b\u4f5c\u4e3a\u6587\u672c\u8282\u70b9\u5904\u7406\uff0c\u4e0d\u8981\u521b\u5efa HTML \u5143\u7d20\u3002\r\n\r\n\u9996\u5148\uff0c\u6ca1\u9519\uff0c\u8fd9\u6837\u662f\u53ef\u4ee5\u9632\u6b62 XSS \u3002\u5982\u679c\u4e1a\u52a1\u9700\u6c42\u4e0a\u672c\u4e0d\u9700\u8981\u7528\u6237\u63d0\u4f9b HTML \u7ed3\u6784\uff0c\u8fd9\u4e48\u505a\u6ca1\u95ee\u9898\u3002\u4f46\u5c31\u662f\u6709\u7528\u6237\u76f4\u63a5\u63d0\u4f9b HTML \u7684\u9700\u6c42\u573a\u666f\u554a\uff0c\u8fd9\u4e2a\u65f6\u5019\u4f60\u7684\u8fd9\u4e2a\u529e\u6cd5\u662f\u884c\u4e0d\u901a\u7684\u3002\u6700\u7b80\u5355\u7684\u505a\u6cd5\u5c31\u662f tag name \u767d\u540d\u5355 + \u8f6c\u4e49\u5b57\u7b26\uff08\u6216\u8fc7\u6ee4\uff09\uff0c\u6211\u4e0d\u8ba4\u4e3a\u8fd9\u4e2a\u529e\u6cd5\u662f\u300c\u9519\u8bef\u300d\u7684\u3002\r\n\r\n\u53e6\u5916\uff0c\u5bf9\u4e8e\u540e\u7aef\u6e32\u67d3\u9875\u9762\u7684\u573a\u666f\uff08\u4f8b\u5982 V2EX\uff0c\u5982\u679c\u6211\u6ca1\u731c\u9519\u7684\u8bdd\uff09\uff0c\u4f60\u8981\u600e\u4e48\u628a\u7528\u6237\u5185\u5bb9\u7cbe\u786e\u63a7\u5236\u5230\u6587\u672c\u8282\u70b9\u5185\uff1f\u8fd8\u662f\u5f97\u8f6c\u4e49\u554a\u3002\r\n\r\n\u6240\u4ee5\u4f60\u4eec\u5230\u5e95\u5728\u4e89\u4ec0\u4e48\u2026\u2026", "content_rendered": "@moonlord
\u6211\u6982\u62ec\u4e00\u4e0b\u4f60\u5728 #10 \u7684\u89c2\u70b9\uff1a\u5bf9\u4e8e\u7528\u6237\u8f93\u5165\u7684\u5185\u5bb9\uff0c\u4e00\u5f8b\u4f5c\u4e3a\u6587\u672c\u8282\u70b9\u5904\u7406\uff0c\u4e0d\u8981\u521b\u5efa HTML \u5143\u7d20\u3002

\u9996\u5148\uff0c\u6ca1\u9519\uff0c\u8fd9\u6837\u662f\u53ef\u4ee5\u9632\u6b62 XSS \u3002\u5982\u679c\u4e1a\u52a1\u9700\u6c42\u4e0a\u672c\u4e0d\u9700\u8981\u7528\u6237\u63d0\u4f9b HTML \u7ed3\u6784\uff0c\u8fd9\u4e48\u505a\u6ca1\u95ee\u9898\u3002\u4f46\u5c31\u662f\u6709\u7528\u6237\u76f4\u63a5\u63d0\u4f9b HTML \u7684\u9700\u6c42\u573a\u666f\u554a\uff0c\u8fd9\u4e2a\u65f6\u5019\u4f60\u7684\u8fd9\u4e2a\u529e\u6cd5\u662f\u884c\u4e0d\u901a\u7684\u3002\u6700\u7b80\u5355\u7684\u505a\u6cd5\u5c31\u662f tag name \u767d\u540d\u5355 + \u8f6c\u4e49\u5b57\u7b26\uff08\u6216\u8fc7\u6ee4\uff09\uff0c\u6211\u4e0d\u8ba4\u4e3a\u8fd9\u4e2a\u529e\u6cd5\u662f\u300c\u9519\u8bef\u300d\u7684\u3002

\u53e6\u5916\uff0c\u5bf9\u4e8e\u540e\u7aef\u6e32\u67d3\u9875\u9762\u7684\u573a\u666f\uff08\u4f8b\u5982 V2EX\uff0c\u5982\u679c\u6211\u6ca1\u731c\u9519\u7684\u8bdd\uff09\uff0c\u4f60\u8981\u600e\u4e48\u628a\u7528\u6237\u5185\u5bb9\u7cbe\u786e\u63a7\u5236\u5230\u6587\u672c\u8282\u70b9\u5185\uff1f\u8fd8\u662f\u5f97\u8f6c\u4e49\u554a\u3002

\u6240\u4ee5\u4f60\u4eec\u5230\u5e95\u5728\u4e89\u4ec0\u4e48\u2026\u2026", "last_modified": 1587718566, "member_id": 129339, "id": 8875372}, {"member": {"id": 271649, "username": "skyRival", "url": "u/skyRival", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=73&d=retro", "created": 1512126547, "last_modified": 1587723332, "pro": 0}, "created": 1587718665, "topic_id": 665687, "content": "@SilentDepth \u6211\u89c9\u5f97\u5e94\u8be5\u662f\u5728\u4e89\u9700\u4e0d\u9700\u8981\u540e\u7aef\u8fc7\u6ee4\u6765\u9632\u5fa1 XSS \u7684\u95ee\u9898\u3002", "content_rendered": "@SilentDepth \u6211\u89c9\u5f97\u5e94\u8be5\u662f\u5728\u4e89\u9700\u4e0d\u9700\u8981\u540e\u7aef\u8fc7\u6ee4\u6765\u9632\u5fa1 XSS \u7684\u95ee\u9898\u3002", "last_modified": 1587718665, "member_id": 271649, "id": 8875380}, {"member": {"id": 129339, "username": "SilentDepth", "url": "u/SilentDepth", "website": "", "twitter": "SilentDepthCN", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/371a61cc72efcd454db4efe3a850e7bb?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/371a61cc72efcd454db4efe3a850e7bb?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/371a61cc72efcd454db4efe3a850e7bb?s=73&d=retro", "created": 1438093159, "last_modified": 1678779245, "pro": 0}, "created": 1587718851, "topic_id": 665687, "content": "@skyRival #77 \u6211\u8fd9\u513f V2EX plus \u63d2\u4ef6\u8c8c\u4f3c bug \u4e86\uff0c\u89e3\u6790\u4e0d\u51fa\u4f1a\u8bdd\uff0c\u6211\u5c31\u4e0d\u624b\u52a8\u8ffd\u6eaf\u4f60\u4eec\u7684\u5bf9\u8bdd\u4e86\u3002\u5982\u679c\u5141\u8bb8\u7684\u5bcc\u6587\u672c\u7c7b\u578b\u662f\u6709\u9650\u7684\uff0c\u8f6c\u6210 Markdown \u518d\u6e32\u67d3\u51fa\u6765\u662f\u53ef\u884c\u7684\u3002\u5982\u679c\u4e0d\u662f\uff08\u4f8b\u5982\u5141\u8bb8\u7528\u6237\u63d2\u5165 Gist \u7ec4\u4ef6\uff09\uff0c\u8981\u4e48\u505a\u590d\u6742\u7684\u683c\u5f0f\u8f6c\u6362\uff08\u9ad8\u5f00\u53d1\u6210\u672c\u4f46\u66f4\u53ef\u63a7\uff09\uff0c\u8981\u4e48\u76f4\u51fa HTML \u7136\u540e\u8d70\u4f20\u7edf\u7684 XSS \u5904\u7406\uff08\u4f4e\u5f00\u53d1\u6210\u672c\u4f46\u96be\u53ef\u63a7\uff09\u3002", "content_rendered": "@skyRival #77 \u6211\u8fd9\u513f V2EX plus \u63d2\u4ef6\u8c8c\u4f3c bug \u4e86\uff0c\u89e3\u6790\u4e0d\u51fa\u4f1a\u8bdd\uff0c\u6211\u5c31\u4e0d\u624b\u52a8\u8ffd\u6eaf\u4f60\u4eec\u7684\u5bf9\u8bdd\u4e86\u3002\u5982\u679c\u5141\u8bb8\u7684\u5bcc\u6587\u672c\u7c7b\u578b\u662f\u6709\u9650\u7684\uff0c\u8f6c\u6210 Markdown \u518d\u6e32\u67d3\u51fa\u6765\u662f\u53ef\u884c\u7684\u3002\u5982\u679c\u4e0d\u662f\uff08\u4f8b\u5982\u5141\u8bb8\u7528\u6237\u63d2\u5165 Gist \u7ec4\u4ef6\uff09\uff0c\u8981\u4e48\u505a\u590d\u6742\u7684\u683c\u5f0f\u8f6c\u6362\uff08\u9ad8\u5f00\u53d1\u6210\u672c\u4f46\u66f4\u53ef\u63a7\uff09\uff0c\u8981\u4e48\u76f4\u51fa HTML \u7136\u540e\u8d70\u4f20\u7edf\u7684 XSS \u5904\u7406\uff08\u4f4e\u5f00\u53d1\u6210\u672c\u4f46\u96be\u53ef\u63a7\uff09\u3002", "last_modified": 1587718851, "member_id": 129339, "id": 8875405}, {"member": {"id": 29763, "username": "zdhxiong", "url": "u/zdhxiong", "website": "https://www.mdui.org", "twitter": "", "psn": "", "github": "zdhxiong", "btc": "", "location": "\u676d\u5dde", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/604e/57ad/29763_mini.png?m=1697509512", "avatar_normal": "https://cdn.v2ex.com/avatar/604e/57ad/29763_normal.png?m=1697509512", "avatar_large": "https://cdn.v2ex.com/avatar/604e/57ad/29763_large.png?m=1697509512", "created": 1353380297, "last_modified": 1697509512, "pro": 0}, "created": 1587718934, "topic_id": 665687, "content": "@moonlord \r\n\u770b v2 \u7684 api \u5c31\u884c\uff0c\u8fd4\u56de\u7684\u5b57\u7b26\u90fd\u662f\u8f6c\u4e49\u8fc7\u7684\r\napi/replies/show.json?topic_id=665687", "content_rendered": "@moonlord
\u770b v2 \u7684 api \u5c31\u884c\uff0c\u8fd4\u56de\u7684\u5b57\u7b26\u90fd\u662f\u8f6c\u4e49\u8fc7\u7684
api/replies/show.json?topic_id=665687", "last_modified": 1587718934, "member_id": 29763, "id": 8875409}, {"member": {"id": 221715, "username": "moonlord", "url": "u/moonlord", "website": null, "twitter": "", "psn": "", "github": "MoonLord-LM", "btc": "", "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/f80eee8195b6b55df5ba1a19c6364ce5?s=73&d=retro", "created": 1489829165, "last_modified": 1489829165, "pro": 0}, "created": 1587719271, "topic_id": 665687, "content": "@zdhxiong \r\n\u7741\u773c\u8bf4\u778e\u8bdd\uff1f\u641c\u4e0b\r\n\r\n\r\n\r\n

\r\n\r\n", "content_rendered": "@fancy111 \u6709\u610f\u601d\uff0c\u4e0d\u7528\u540e\u7aef\uff0c\u4e0d\u7528\u8fc7\u6ee4\uff0c\u6765\u5427

<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<title>xss me</title>
<script>
window.Onload= function () {
const url = new URL(location.href)
const input = url.searchParams.get('input');
document.getElementById('output').innerText = input;
document.querySelector('input').value = input;
}
</script>
</head>
<body>
<form>
<label>
<input type=\"text\" name=\"input\"/>
</label>
<button type=\"submit\">submit</button>
</form>
<pre id=\"output\"></pre>
</body>
</html>", "last_modified": 1587726517, "member_id": 390901, "id": 8876143}, {"member": {"id": 200123, "username": "sagaxu", "url": "u/sagaxu", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/a4b7/3b82/200123_mini.png?m=1735644881", "avatar_normal": "https://cdn.v2ex.com/avatar/a4b7/3b82/200123_normal.png?m=1735644881", "avatar_large": "https://cdn.v2ex.com/avatar/a4b7/3b82/200123_large.png?m=1735644881", "created": 1478431593, "last_modified": 1735644881, "pro": 0}, "created": 1587726634, "topic_id": 665687, "content": "SQL \u6ce8\u5165\uff0cprepared statement \u4e00\u52b3\u6c38\u9038\uff0c\u8fc7\u6ee4\u662f\u778e\u9e21\u5df4\u641e\u3002\r\n\r\nXSS \u6ce8\u5165\uff0c\u540e\u7aef\u62fc html \u7684\u7531\u540e\u7aef\u8f6c\u4e49\uff0c\u524d\u540e\u7aef\u5206\u79bb\u7684\uff0c\u524d\u7aef\u8d1f\u8d23\u641e\u5b9a\u3002", "content_rendered": "SQL \u6ce8\u5165\uff0cprepared statement \u4e00\u52b3\u6c38\u9038\uff0c\u8fc7\u6ee4\u662f\u778e\u9e21\u5df4\u641e\u3002

XSS \u6ce8\u5165\uff0c\u540e\u7aef\u62fc html \u7684\u7531\u540e\u7aef\u8f6c\u4e49\uff0c\u524d\u540e\u7aef\u5206\u79bb\u7684\uff0c\u524d\u7aef\u8d1f\u8d23\u641e\u5b9a\u3002", "last_modified": 1587726634, "member_id": 200123, "id": 8876150}, {"member": {"id": 346378, "username": "cumt21g", "url": "u/cumt21g", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/643d/8916/346378_mini.png?m=1592184893", "avatar_normal": "https://cdn.v2ex.com/avatar/643d/8916/346378_normal.png?m=1592184893", "avatar_large": "https://cdn.v2ex.com/avatar/643d/8916/346378_large.png?m=1592184893", "created": 1535811955, "last_modified": 1592184893, "pro": 0}, "created": 1587727119, "topic_id": 665687, "content": "\u8d77\u4f5c\u7528\u7684\u8fd8\u662f\u540e\u7aef\u8fc7\u6ee4\u5427", "content_rendered": "\u8d77\u4f5c\u7528\u7684\u8fd8\u662f\u540e\u7aef\u8fc7\u6ee4\u5427", "last_modified": 1587727119, "member_id": 346378, "id": 8876180}, {"member": {"id": 271649, "username": "skyRival", "url": "u/skyRival", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/2f1971500a6d0ef8539cedf4a59cf12b?s=73&d=retro", "created": 1512126547, "last_modified": 1587723332, "pro": 0}, "created": 1587727391, "topic_id": 665687, "content": "@aguesuka https://s1.ax1x.com/2020/04/24/JDhdJg.png", "content_rendered": "@aguesuka https://s1.ax1x.com/2020/04/24/JDhdJg.png", "last_modified": 1587727391, "member_id": 271649, "id": 8876192}, {"member": {"id": 415526, "username": "tctc4869", "url": "u/tctc4869", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_mini.png?m=1635391445", "avatar_normal": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_normal.png?m=1635391445", "avatar_large": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_large.png?m=1635391445", "created": 1558768286, "last_modified": 1635391445, "pro": 0}, "created": 1587728180, "topic_id": 665687, "content": "@Deffi \r\n@zhw2590582 \r\n@taaaang \r\n\r\n\u524d\u7aef\u8fc7\u6ee4\uff0c\u662f\u56e0\u4e3a\u524d\u7aef\u662f\u9762\u5411\u6b63\u5e38\u7684\u5ba2\u6237\u7aef\uff0c\u800c\u6784\u9020\u8bf7\u6c42\u76f4\u63a5\u8c03\u540e\u7aef\u63a5\u53e3\u4e0d\u7b97\u6b63\u5e38\u7684\u5ba2\u6237\u7aef\uff0c\u540e\u7aef\u4e3b\u8981\u8d1f\u8d23\u5b89\u5168\uff0c\u7528\u6237\u4f53\u9a8c\u4ea4\u7ed9\u524d\u7aef\u3002\r\n\r\n\u540e\u7aef\u65e2\u7136\u68c0\u6d4b\u7684\u975e\u6cd5\u6570\u636e\uff0c\u5c31\u4ee3\u8868\u8bf7\u6c42\u7684\u5ba2\u6237\u7aef\u662f\u4e0d\u6b63\u5e38\u7684\u5ba2\u6237\u7aef\uff0c\u6ca1\u6709\u7ecf\u8fc7\u524d\u7aef\u9a8c\u8bc1\u8fc7\u6ee4\u7684\u5ba2\u6237\u7aef\uff0c\u5c31\u6ca1\u6709\u5fc5\u8981\u4ece\u6570\u636e\u5e93\u62ff\u6570\u636e\u4e86\uff0c\u66f4\u6ca1\u6709\u5fc5\u8981\u8fc7\u6ee4\u6570\u636e\u3002\u90fd\u5df2\u7ecf\u662f\u975e\u6b63\u5e38\u7528\u6237\u4e86\uff0c\u6ca1\u5fc5\u8981\u544a\u8bc9\u5ba2\u6237\u7aef\u662f\u4e0d\u662f\u8bf7\u6c42\u51fa\u95ee\u9898\u4e86\u3002", "content_rendered": "@Deffi
@zhw2590582
@taaaang

\u524d\u7aef\u8fc7\u6ee4\uff0c\u662f\u56e0\u4e3a\u524d\u7aef\u662f\u9762\u5411\u6b63\u5e38\u7684\u5ba2\u6237\u7aef\uff0c\u800c\u6784\u9020\u8bf7\u6c42\u76f4\u63a5\u8c03\u540e\u7aef\u63a5\u53e3\u4e0d\u7b97\u6b63\u5e38\u7684\u5ba2\u6237\u7aef\uff0c\u540e\u7aef\u4e3b\u8981\u8d1f\u8d23\u5b89\u5168\uff0c\u7528\u6237\u4f53\u9a8c\u4ea4\u7ed9\u524d\u7aef\u3002

\u540e\u7aef\u65e2\u7136\u68c0\u6d4b\u7684\u975e\u6cd5\u6570\u636e\uff0c\u5c31\u4ee3\u8868\u8bf7\u6c42\u7684\u5ba2\u6237\u7aef\u662f\u4e0d\u6b63\u5e38\u7684\u5ba2\u6237\u7aef\uff0c\u6ca1\u6709\u7ecf\u8fc7\u524d\u7aef\u9a8c\u8bc1\u8fc7\u6ee4\u7684\u5ba2\u6237\u7aef\uff0c\u5c31\u6ca1\u6709\u5fc5\u8981\u4ece\u6570\u636e\u5e93\u62ff\u6570\u636e\u4e86\uff0c\u66f4\u6ca1\u6709\u5fc5\u8981\u8fc7\u6ee4\u6570\u636e\u3002\u90fd\u5df2\u7ecf\u662f\u975e\u6b63\u5e38\u7528\u6237\u4e86\uff0c\u6ca1\u5fc5\u8981\u544a\u8bc9\u5ba2\u6237\u7aef\u662f\u4e0d\u662f\u8bf7\u6c42\u51fa\u95ee\u9898\u4e86\u3002", "last_modified": 1587728180, "member_id": 415526, "id": 8876242}, {"member": {"id": 415526, "username": "tctc4869", "url": "u/tctc4869", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_mini.png?m=1635391445", "avatar_normal": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_normal.png?m=1635391445", "avatar_large": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_large.png?m=1635391445", "created": 1558768286, "last_modified": 1635391445, "pro": 0}, "created": 1587728295, "topic_id": 665687, "content": "@cumt21g \u540e\u7aef\u8fc7\u6ee4\u662f\u591a\u6b64\u4e00\u4e3e\uff0c\u6d6a\u8d39\u7cbe\u529b\uff0c\u540e\u7aef\u8d1f\u8d23\u901a\u4e0d\u901a\u8fc7\u5c31\u884c\uff0c\u96be\u9053\u540e\u7aef\u8fd8\u8981\u544a\u8bc9\u975e\u6cd5\u8bf7\u6c42\u7684\u5ba2\u6237\u7aef\uff0c\u4f60\u7684\u8bf7\u6c42\u6570\u636e\u6709\u95ee\u9898\u4e48\uff1f\u6b63\u5e38\u7684\u5ba2\u6237\u7aef\u5c31\u4ea4\u7ed9\u524d\u7aef\u53bb\u8d1f\u8d23\u3002\u81f3\u4e8e\u975e\u6cd5\u5ba2\u6237\u7aef\u3002", "content_rendered": "@cumt21g \u540e\u7aef\u8fc7\u6ee4\u662f\u591a\u6b64\u4e00\u4e3e\uff0c\u6d6a\u8d39\u7cbe\u529b\uff0c\u540e\u7aef\u8d1f\u8d23\u901a\u4e0d\u901a\u8fc7\u5c31\u884c\uff0c\u96be\u9053\u540e\u7aef\u8fd8\u8981\u544a\u8bc9\u975e\u6cd5\u8bf7\u6c42\u7684\u5ba2\u6237\u7aef\uff0c\u4f60\u7684\u8bf7\u6c42\u6570\u636e\u6709\u95ee\u9898\u4e48\uff1f\u6b63\u5e38\u7684\u5ba2\u6237\u7aef\u5c31\u4ea4\u7ed9\u524d\u7aef\u53bb\u8d1f\u8d23\u3002\u81f3\u4e8e\u975e\u6cd5\u5ba2\u6237\u7aef\u3002", "last_modified": 1587728295, "member_id": 415526, "id": 8876250}, {"member": {"id": 198099, "username": "zhangysh1995", "url": "u/zhangysh1995", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/fea7d00066528bc8c7c393706a3b8e94?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/fea7d00066528bc8c7c393706a3b8e94?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/fea7d00066528bc8c7c393706a3b8e94?s=73&d=retro", "created": 1477333514, "last_modified": 1477333514, "pro": 0}, "created": 1587728442, "topic_id": 665687, "content": "\u8003\u8651\u4e00\u4e0b\u9a8c\u8bc1\u65b9\u6cd5\uff0c\u628a\u8fd9\u7bc7\u8bba\u6587\u5b9e\u73b0\uff0cThe essence of command injection attacks in web applications", "content_rendered": "\u8003\u8651\u4e00\u4e0b\u9a8c\u8bc1\u65b9\u6cd5\uff0c\u628a\u8fd9\u7bc7\u8bba\u6587\u5b9e\u73b0\uff0cThe essence of command injection attacks in web applications", "last_modified": 1587728442, "member_id": 198099, "id": 8876261}, {"member": {"id": 198099, "username": "zhangysh1995", "url": "u/zhangysh1995", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/fea7d00066528bc8c7c393706a3b8e94?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/fea7d00066528bc8c7c393706a3b8e94?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/fea7d00066528bc8c7c393706a3b8e94?s=73&d=retro", "created": 1477333514, "last_modified": 1477333514, "pro": 0}, "created": 1587728502, "topic_id": 665687, "content": "\u94fe\u63a5 http://portal.acm.org/citation.cfm?doid=1111037.1111070\uff0c\u6839\u636e\u539f\u6587\u6ce8\u5165\u90fd\u4e0d\u662f\u4e8b\u513f", "content_rendered": "\u94fe\u63a5 http://portal.acm.org/citation.cfm?doid=1111037.1111070\uff0c\u6839\u636e\u539f\u6587\u6ce8\u5165\u90fd\u4e0d\u662f\u4e8b\u513f", "last_modified": 1587728502, "member_id": 198099, "id": 8876265}, {"member": {"id": 250548, "username": "no1xsyzy", "url": "u/no1xsyzy", "website": "http://inqb.ga", "twitter": "", "psn": "", "github": "no1xsyzy", "btc": "", "location": "", "tagline": "\u50d5\u3068\u5951\u7d04\u3057\u3066\u9b54\u6cd5\u5c11\u5973\u306b\u306a\u3063\u3066\u3088\uff01", "bio": "\u62bd\u8c61\u4e13\u4e1a\u6237\u3002\u6bd4\u55bb\u5927\u5e08\u3002\r\n\uff08\u53ef\u80fd\u662f\u5730\u7403\u4e0a\u552f\u4e00\u7684\u4e00\u540d\uff09\u8d5b\u535a\u5171\u4ea7\u4e3b\u4e49\u8005\uff08C.C. = Cybernetic Communism\uff09\uff1a\r\n1. \u4eba\u7c7b\u4e0d\u5f97\u963b\u6b62\u4efb\u4f55\u4fe1\u606f\u7684\u4f20\u64ad\uff08B.Y. = Beyond You\uff09\uff1b\r\n2. \u6cd5\u5f8b\u9700\u8981\u53ef\u4ee5\u88ab\u5f53\u4f5c\u4ee3\u7801\u6267\u884c\uff08S.A. = Statutory Automation\uff09\u3002\r\n\r\n\u4e0d\u7528 IM\uff0c\u8054\u7cfb\u65b9\u5f0f\u8bf7\u81ea\u5df1\u60f3\u529e\u6cd5\u627e\u5230\u6211\u90ae\u7bb1\u3002\r\n\r\n\r\n\u552f\u4e00\u503c\u5f97\u5b66\u4e60\u7684\u662f\u601d\u7ef4\u65b9\u5f0f\uff1a\r\n\u300a\u8ba1\u7b97\u673a\u7a0b\u5e8f\u7684\u6784\u9020\u548c\u89e3\u91ca\u300b\r\n\u300a\u4e00\u822c\u7cfb\u7edf\u8bba\u2014\u2014\u57fa\u7840\u3001\u5e94\u7528\u53ca\u53d1\u5c55\u300b\r\n\u300a\u8c08\u5224\u529b\u300b\r\n\u300a\u56fd\u5bcc\u8bba\u300b & \u300a\u725b\u5976\u53ef\u4e50\u7ecf\u6d4e\u5b66\u300b\r\n\u2026\u2026 \uff08\u672a\u7aed\uff09", "avatar_mini": "https://cdn.v2ex.com/avatar/fe4b/4d25/250548_mini.png?m=1588766833", "avatar_normal": "https://cdn.v2ex.com/avatar/fe4b/4d25/250548_normal.png?m=1588766833", "avatar_large": "https://cdn.v2ex.com/avatar/fe4b/4d25/250548_large.png?m=1588766833", "created": 1503549097, "last_modified": 1588766833, "pro": 0}, "created": 1587728571, "topic_id": 665687, "content": "\u4e25\u683c\u767d\u540d\u5355\u65b0\u5efa\u4e00\u5957\u63cf\u8ff0\u5bcc\u6587\u672c\u7684\u8bed\u8a00\uff0c\u7136\u540e\u5199\u4e2a\u8be5\u8bed\u8a00\u5230 HTML \u7684\u7f16\u8bd1\u5668\r\n\u90a3\u5efa\u7acb\u4e00\u4e2a\u548c html \u5f88\u50cf\u7684\u8bed\u8a00\u4e5f\u6ca1\u4ec0\u4e48\u95ee\u9898\uff0c\u4f46\u522b\u5077\u61d2\uff0c\u6574\u4e2a\u91cd\u65b0 parse \u5206\u6790\u8bed\u4e49\u7136\u540e\u518d\u91cd\u65b0\u6e32\u67d3\uff0c\u4e0d\u8981 passthru\r\nBBcode \u548c Markdown \u5728\u4e00\u5b9a\u7a0b\u5ea6\u4e0a\u5c31\u662f\u903c\u81ea\u5df1\u548c\u540e\u7eed\u7ef4\u62a4\u8005\u522b\u5077\u61d2", "content_rendered": "\u4e25\u683c\u767d\u540d\u5355\u65b0\u5efa\u4e00\u5957\u63cf\u8ff0\u5bcc\u6587\u672c\u7684\u8bed\u8a00\uff0c\u7136\u540e\u5199\u4e2a\u8be5\u8bed\u8a00\u5230 HTML \u7684\u7f16\u8bd1\u5668
\u90a3\u5efa\u7acb\u4e00\u4e2a\u548c html \u5f88\u50cf\u7684\u8bed\u8a00\u4e5f\u6ca1\u4ec0\u4e48\u95ee\u9898\uff0c\u4f46\u522b\u5077\u61d2\uff0c\u6574\u4e2a\u91cd\u65b0 parse \u5206\u6790\u8bed\u4e49\u7136\u540e\u518d\u91cd\u65b0\u6e32\u67d3\uff0c\u4e0d\u8981 passthru
BBcode \u548c Markdown \u5728\u4e00\u5b9a\u7a0b\u5ea6\u4e0a\u5c31\u662f\u903c\u81ea\u5df1\u548c\u540e\u7eed\u7ef4\u62a4\u8005\u522b\u5077\u61d2", "last_modified": 1587728571, "member_id": 250548, "id": 8876267}, {"member": {"id": 372341, "username": "jinmaoi", "url": "u/jinmaoi", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/29d86901cde7cbf6639b45c398db143b?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/29d86901cde7cbf6639b45c398db143b?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/29d86901cde7cbf6639b45c398db143b?s=73&d=retro", "created": 1545553456, "last_modified": 1545553456, "pro": 0}, "created": 1587728607, "topic_id": 665687, "content": "@fancy111 \u6211\u89c9\u5f97\u4ed6\u7684\u610f\u601d\u6839\u672c\u5c31\u4e0d\u662f\u524d\u7aef\u8fc7\u6ee4\u8f93\u5165,\u53ea\u662f\u8fc7\u6ee4\u8f93\u51fa\u800c\u5df2.\u51b5\u4e14\u4f60\u4e3e\u7684\u90a3\u4e2a xss \u5e76\u6ca1\u6709\u6548\u679c", "content_rendered": "@fancy111 \u6211\u89c9\u5f97\u4ed6\u7684\u610f\u601d\u6839\u672c\u5c31\u4e0d\u662f\u524d\u7aef\u8fc7\u6ee4\u8f93\u5165,\u53ea\u662f\u8fc7\u6ee4\u8f93\u51fa\u800c\u5df2.\u51b5\u4e14\u4f60\u4e3e\u7684\u90a3\u4e2a xss \u5e76\u6ca1\u6709\u6548\u679c", "last_modified": 1587728607, "member_id": 372341, "id": 8876270}, {"member": {"id": 390901, "username": "aguesuka", "url": "u/aguesuka", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/ce6d134320e72fbc4f8caea0804ba460?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/ce6d134320e72fbc4f8caea0804ba460?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/ce6d134320e72fbc4f8caea0804ba460?s=73&d=retro", "created": 1552185155, "last_modified": 1690030385, "pro": 0}, "created": 1587728830, "topic_id": 665687, "content": "@skyRival \u662f\u8ba9\u4f60\u6765\u6ce8\u6211\u4e0d\u662f\u6211\u6765\u6ce8\u4f60", "content_rendered": "@skyRival \u662f\u8ba9\u4f60\u6765\u6ce8\u6211\u4e0d\u662f\u6211\u6765\u6ce8\u4f60", "last_modified": 1587728830, "member_id": 390901, "id": 8876279}, {"member": {"id": 434557, "username": "Xezzon", "url": "u/Xezzon", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/b576/91f6/434557_mini.png?m=1738843153", "avatar_normal": "https://cdn.v2ex.com/avatar/b576/91f6/434557_normal.png?m=1738843153", "avatar_large": "https://cdn.v2ex.com/avatar/b576/91f6/434557_large.png?m=1738843153", "created": 1565238869, "last_modified": 1738843153, "pro": 0}, "created": 1587730024, "topic_id": 665687, "content": "@aguesuka \u4f60\u53ef\u771f\u6709\u610f\u601d\uff0c\u8c01\u8bf4\u4e86\u8981\u8fd9\u4e48\u5199\u4e86\uff1f\u6ca1\u4e8b\u653e pre \u5728\u90a3\u5e72\u561b\uff1f\u96be\u9053\u4e13\u95e8\u4e3a\u4e86\u8ba9\u522b\u4eba\u6765 xss \u6240\u4ee5\u6211\u5c31\u5f97\u4e0d\u7528 div \u7528 pre \u5457\uff1f", "content_rendered": "@aguesuka \u4f60\u53ef\u771f\u6709\u610f\u601d\uff0c\u8c01\u8bf4\u4e86\u8981\u8fd9\u4e48\u5199\u4e86\uff1f\u6ca1\u4e8b\u653e pre \u5728\u90a3\u5e72\u561b\uff1f\u96be\u9053\u4e13\u95e8\u4e3a\u4e86\u8ba9\u522b\u4eba\u6765 xss \u6240\u4ee5\u6211\u5c31\u5f97\u4e0d\u7528 div \u7528 pre \u5457\uff1f", "last_modified": 1587730024, "member_id": 434557, "id": 8876353}, {"member": {"id": 284103, "username": "fxxwor99LVHTing", "url": "u/fxxwor99LVHTing", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/f65803b18b34fd699aa9da84038dd025?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/f65803b18b34fd699aa9da84038dd025?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/f65803b18b34fd699aa9da84038dd025?s=73&d=retro", "created": 1516264305, "last_modified": 1516264305, "pro": 0}, "created": 1587733991, "topic_id": 665687, "content": "\u524d\u7aef\u505a\u4e0d\u4e86\uff0c", "content_rendered": "\u524d\u7aef\u505a\u4e0d\u4e86\uff0c", "last_modified": 1587733991, "member_id": 284103, "id": 8876568}, {"member": {"id": 372339, "username": "buffzty", "url": "u/buffzty", "website": "", "twitter": null, "psn": null, "github": null, "btc": null, "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/b7307d566c500a00fbbd3439296350bf?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/b7307d566c500a00fbbd3439296350bf?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/b7307d566c500a00fbbd3439296350bf?s=73&d=retro", "created": 1545552651, "last_modified": 1742439022, "pro": 0}, "created": 1587735329, "topic_id": 665687, "content": "\u6ca1\u4eba\u8bf4\u7528 react \u5417? \u7528 react \u4e0d\u4f1a\u51fa\u73b0 xss,\u663e\u793a\u65f6\u81ea\u52a8\u8fc7\u6ee4\r\n render() {\r\n const txt = ''\r\n return

{txt}

\r\n }\r\n// output \r\n</script><script>alert(11);</script>", "content_rendered": "\u6ca1\u4eba\u8bf4\u7528 react \u5417? \u7528 react \u4e0d\u4f1a\u51fa\u73b0 xss,\u663e\u793a\u65f6\u81ea\u52a8\u8fc7\u6ee4
render() {
const txt = '</script><script>alert(11);</script>'
return <div>{txt}</div>
}
// output
</script><script>alert(11);</script>", "last_modified": 1587735329, "member_id": 372339, "id": 8876651}, {"member": {"id": 446641, "username": "mxT52CRuqR6o5", "url": "u/mxT52CRuqR6o5", "website": "", "twitter": null, "psn": null, "github": null, "btc": null, "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/4da64251cf2695ed2e19a7b86764c1c4?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/4da64251cf2695ed2e19a7b86764c1c4?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/4da64251cf2695ed2e19a7b86764c1c4?s=73&d=retro", "created": 1571031549, "last_modified": 1691038138, "pro": 0}, "created": 1587736156, "topic_id": 665687, "content": "@buffzty xss \u6ce8\u5165\u5f88\u591a\u65f6\u5019\u662f\u6709\u5bcc\u6587\u672c\u7684\u9700\u6c42\u7684", "content_rendered": "@buffzty xss \u6ce8\u5165\u5f88\u591a\u65f6\u5019\u662f\u6709\u5bcc\u6587\u672c\u7684\u9700\u6c42\u7684", "last_modified": 1587736156, "member_id": 446641, "id": 8876695}, {"member": {"id": 446641, "username": "mxT52CRuqR6o5", "url": "u/mxT52CRuqR6o5", "website": "", "twitter": null, "psn": null, "github": null, "btc": null, "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/4da64251cf2695ed2e19a7b86764c1c4?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/4da64251cf2695ed2e19a7b86764c1c4?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/4da64251cf2695ed2e19a7b86764c1c4?s=73&d=retro", "created": 1571031549, "last_modified": 1691038138, "pro": 0}, "created": 1587736604, "topic_id": 665687, "content": "sql \u6ce8\u5165\u9760\u524d\u7aef\u9632\u4e0d\u4e86\uff0c\u653b\u51fb\u8005\u5b8c\u5168\u53ef\u4ee5\u81ea\u5df1\u624b\u52a8\u6784\u9020\u8bf7\u6c42\u4e0d\u9700\u8981\u901a\u8fc7\u524d\u7aef\u53bb\u53d1\u8bf7\u6c42\r\nXss \u6ce8\u5165\u53ef\u4ee5\u9760\u628a\u5bcc\u6587\u672c\u8f6c\u6210\u975e html \u7684\u62bd\u8c61\u6765\u89e3\u51b3(\u6bd4\u5982 quill)\r\n\u666e\u901a\u7684\u6587\u672c\u6846\u53bb\u8bbe\u7f6e innerHTML \u662f\u6c34\u5e73\u4e0d\u884c", "content_rendered": "sql \u6ce8\u5165\u9760\u524d\u7aef\u9632\u4e0d\u4e86\uff0c\u653b\u51fb\u8005\u5b8c\u5168\u53ef\u4ee5\u81ea\u5df1\u624b\u52a8\u6784\u9020\u8bf7\u6c42\u4e0d\u9700\u8981\u901a\u8fc7\u524d\u7aef\u53bb\u53d1\u8bf7\u6c42
Xss \u6ce8\u5165\u53ef\u4ee5\u9760\u628a\u5bcc\u6587\u672c\u8f6c\u6210\u975e html \u7684\u62bd\u8c61\u6765\u89e3\u51b3(\u6bd4\u5982 quill)
\u666e\u901a\u7684\u6587\u672c\u6846\u53bb\u8bbe\u7f6e innerHTML \u662f\u6c34\u5e73\u4e0d\u884c", "last_modified": 1587736604, "member_id": 446641, "id": 8876721}, {"member": {"id": 372339, "username": "buffzty", "url": "u/buffzty", "website": "", "twitter": null, "psn": null, "github": null, "btc": null, "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/b7307d566c500a00fbbd3439296350bf?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/b7307d566c500a00fbbd3439296350bf?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/b7307d566c500a00fbbd3439296350bf?s=73&d=retro", "created": 1545552651, "last_modified": 1742439022, "pro": 0}, "created": 1587739564, "topic_id": 665687, "content": "\u73b0\u5728 orm \u90fd\u662f\u9884\u5904\u7406.\u600e\u4e48\u53ef\u80fd\u6ce8\u5165\u5462", "content_rendered": "\u73b0\u5728 orm \u90fd\u662f\u9884\u5904\u7406.\u600e\u4e48\u53ef\u80fd\u6ce8\u5165\u5462", "last_modified": 1587739564, "member_id": 372339, "id": 8876867}, {"member": {"id": 8105, "username": "binux", "url": "u/binux", "website": "http://binux.me/", "twitter": "roybinux", "psn": "", "github": "binux", "btc": "", "location": "US", "tagline": "\u5509\uff01\uff01", "bio": "http://gplus.to/roybinux/", "avatar_mini": "https://cdn.v2ex.com/avatar/247d/87b0/8105_mini.png?m=1407157990", "avatar_normal": "https://cdn.v2ex.com/avatar/247d/87b0/8105_normal.png?m=1407157990", "avatar_large": "https://cdn.v2ex.com/avatar/247d/87b0/8105_large.png?m=1407157990", "created": 1303270093, "last_modified": 1407157990, "pro": 0}, "created": 1587740307, "topic_id": 665687, "content": "@fancy111 #6 \u8bf4\u597d\u7684\u53ea\u7528 innerText \u7684\uff0c\u5982\u679c '' \u662f\u7528\u6237\u8f93\u5165\u7684\u8bdd\uff0c\u5b83\u662f\u600e\u4e48\u8fdb\u5165 HTML \u7684\uff1f \u4f60\u8fd8\u4e0d\u662f\u62fc\u63a5 HTML \u4e86\u3002", "content_rendered": "@fancy111 #6 \u8bf4\u597d\u7684\u53ea\u7528 innerText \u7684\uff0c\u5982\u679c '</script><script>alert(11);</script>' \u662f\u7528\u6237\u8f93\u5165\u7684\u8bdd\uff0c\u5b83\u662f\u600e\u4e48\u8fdb\u5165 HTML \u7684\uff1f \u4f60\u8fd8\u4e0d\u662f\u62fc\u63a5 HTML \u4e86\u3002", "last_modified": 1587740307, "member_id": 8105, "id": 8876905}, {"member": {"id": 351610, "username": "rsjztz", "url": "u/rsjztz", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/9427dd5a8646202628afe37d595f1977?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/9427dd5a8646202628afe37d595f1977?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/9427dd5a8646202628afe37d595f1977?s=73&d=retro", "created": 1537674734, "last_modified": 1537674734, "pro": 0}, "created": 1587741029, "topic_id": 665687, "content": "\u5173\u4e8e xss\uff0c\u6211\u770b\u8fc7\u524d\u7aef\u62e6\u622a xss \u8bed\u53e5\u8fd0\u884c\u7684\u64cd\u4f5c\uff0csqli \u8fd8\u662f\u5f97\u540e\u7aef\u8fc7\u6ee4", "content_rendered": "\u5173\u4e8e xss\uff0c\u6211\u770b\u8fc7\u524d\u7aef\u62e6\u622a xss \u8bed\u53e5\u8fd0\u884c\u7684\u64cd\u4f5c\uff0csqli \u8fd8\u662f\u5f97\u540e\u7aef\u8fc7\u6ee4", "last_modified": 1587741029, "member_id": 351610, "id": 8876932}, {"member": {"id": 22480, "username": "canwushuang", "url": "u/canwushuang", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/3d7c8f56f3e4bb1d81c926b9c0edf501?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/3d7c8f56f3e4bb1d81c926b9c0edf501?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/3d7c8f56f3e4bb1d81c926b9c0edf501?s=73&d=retro", "created": 1340274122, "last_modified": 1588419757, "pro": 0}, "created": 1587741610, "topic_id": 665687, "content": "\u4f60\u6b63\u5219\u80fd\u8fc7\u6ee4 get\uff0c\u8fd8\u80fd\u5927\u91cf\u8fc7\u6ee4 post \u548c put \uff1f\u591a\u6b21\u7f16\u7801\u968f\u4f60\u6b63\u5219\u4e00\u6837\u7ed5\u3002\u8d85\u957f\u5b57\u7b26\u51fb\u7a7f\u9632\u7ebf\u4e5f\u662f\u53ef\u4ee5\uff0cemoji \u4e5f\u884c\u3002\u522b\u9632\u4e86\u3002\u3002\u3002", "content_rendered": "\u4f60\u6b63\u5219\u80fd\u8fc7\u6ee4 get\uff0c\u8fd8\u80fd\u5927\u91cf\u8fc7\u6ee4 post \u548c put \uff1f\u591a\u6b21\u7f16\u7801\u968f\u4f60\u6b63\u5219\u4e00\u6837\u7ed5\u3002\u8d85\u957f\u5b57\u7b26\u51fb\u7a7f\u9632\u7ebf\u4e5f\u662f\u53ef\u4ee5\uff0cemoji \u4e5f\u884c\u3002\u522b\u9632\u4e86\u3002\u3002\u3002", "last_modified": 1587741610, "member_id": 22480, "id": 8876951}, {"member": {"id": 22480, "username": "canwushuang", "url": "u/canwushuang", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/3d7c8f56f3e4bb1d81c926b9c0edf501?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/3d7c8f56f3e4bb1d81c926b9c0edf501?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/3d7c8f56f3e4bb1d81c926b9c0edf501?s=73&d=retro", "created": 1340274122, "last_modified": 1588419757, "pro": 0}, "created": 1587742172, "topic_id": 665687, "content": "@sagaxu % \u76f4\u63a5 like", "content_rendered": "@sagaxu % \u76f4\u63a5 like", "last_modified": 1587742172, "member_id": 22480, "id": 8876975}, {"member": {"id": 47326, "username": "neoblackcap", "url": "u/neoblackcap", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/d99fb9ac42d23b2f3567a945c7576c08?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/d99fb9ac42d23b2f3567a945c7576c08?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/d99fb9ac42d23b2f3567a945c7576c08?s=73&d=retro", "created": 1382268150, "last_modified": 1677591659, "pro": 0}, "created": 1587748547, "topic_id": 665687, "content": "\u8981\u8fc7\u6ee4\u5c31\u76f4\u63a5\u5148\u540e\u7aef\u89e3\u6790\u4e00\u904d\uff0c\u6709\u95ee\u9898\u5c31\u5e72\u6389\uff0c\u6ca1\u95ee\u9898\u5c31\u653e\u884c", "content_rendered": "\u8981\u8fc7\u6ee4\u5c31\u76f4\u63a5\u5148\u540e\u7aef\u89e3\u6790\u4e00\u904d\uff0c\u6709\u95ee\u9898\u5c31\u5e72\u6389\uff0c\u6ca1\u95ee\u9898\u5c31\u653e\u884c", "last_modified": 1587748547, "member_id": 47326, "id": 8877203}, {"member": {"id": 136991, "username": "hblf", "url": "u/hblf", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/gravatar/55e8ad0df8fd26b6e04583ced085c150?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/55e8ad0df8fd26b6e04583ced085c150?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/55e8ad0df8fd26b6e04583ced085c150?s=73&d=retro", "created": 1441501564, "last_modified": 1441501564, "pro": 0}, "created": 1587748601, "topic_id": 665687, "content": "\u90fd 0202 \u5e74\u4e86\u5c31\u522b\u60f3\u7740\u7528\u8fc7\u6ee4\u7279\u6b8a\u5b57\u7b26\u89e3\u51b3 sqli \u4e86\u5427\uff0c\u9884\u7f16\u8bd1\u6bd4\u8fc7\u6ee4\u5b89\u5168\u4e00\u4e07\u500d\r\nxss \u7684\u8fc7\u6ee4\u53c2\u8003 owasp \u81ea\u5df1\u51fa\u7684 api\r\n\u5404\u4f4d\u5f00\u53d1\u5927\u4f6c\u5e73\u65f6\u771f\u7684\u4e0d\u770b owasp \u7684\u6587\u6863\u5417\uff1f", "content_rendered": "\u90fd 0202 \u5e74\u4e86\u5c31\u522b\u60f3\u7740\u7528\u8fc7\u6ee4\u7279\u6b8a\u5b57\u7b26\u89e3\u51b3 sqli \u4e86\u5427\uff0c\u9884\u7f16\u8bd1\u6bd4\u8fc7\u6ee4\u5b89\u5168\u4e00\u4e07\u500d
xss \u7684\u8fc7\u6ee4\u53c2\u8003 owasp \u81ea\u5df1\u51fa\u7684 api
\u5404\u4f4d\u5f00\u53d1\u5927\u4f6c\u5e73\u65f6\u771f\u7684\u4e0d\u770b owasp \u7684\u6587\u6863\u5417\uff1f", "last_modified": 1587748601, "member_id": 136991, "id": 8877205}, {"member": {"id": 112326, "username": "Hyduan", "url": "u/Hyduan", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/ebb9/e3ae/112326_mini.png?m=1680867861", "avatar_normal": "https://cdn.v2ex.com/avatar/ebb9/e3ae/112326_normal.png?m=1680867861", "avatar_large": "https://cdn.v2ex.com/avatar/ebb9/e3ae/112326_large.png?m=1680867861", "created": 1429601517, "last_modified": 1680867861, "pro": 0}, "created": 1587754055, "topic_id": 665687, "content": "\u8bdd\u8bf4\u8fd9\u4e2a\u4f1a\u6709 xss \u95ee\u9898\u4e48\u3002\u3002\u5404\u4f4d\u5927\u4f6c\u8bd5\u8bd5 https://codepen.io/Hyduan/pen/bGVqLQr", "content_rendered": "\u8bdd\u8bf4\u8fd9\u4e2a\u4f1a\u6709 xss \u95ee\u9898\u4e48\u3002\u3002\u5404\u4f4d\u5927\u4f6c\u8bd5\u8bd5 https://codepen.io/Hyduan/pen/bGVqLQr", "last_modified": 1587754055, "member_id": 112326, "id": 8877266}, {"member": {"id": 112326, "username": "Hyduan", "url": "u/Hyduan", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/ebb9/e3ae/112326_mini.png?m=1680867861", "avatar_normal": "https://cdn.v2ex.com/avatar/ebb9/e3ae/112326_normal.png?m=1680867861", "avatar_large": "https://cdn.v2ex.com/avatar/ebb9/e3ae/112326_large.png?m=1680867861", "created": 1429601517, "last_modified": 1680867861, "pro": 0}, "created": 1587754192, "topic_id": 665687, "content": "@Hyduan \u6682\u4e14\u4e0d\u8003\u8651\u9700\u8981\u6e32\u67d3 HTML \u7ed3\u6784\u7684\u60c5\u51b5\uff0c\u8fd9\u79cd\u60c5\u51b5\u786e\u5b9e\u9700\u8981\u8fc7\u6ee4", "content_rendered": "@Hyduan \u6682\u4e14\u4e0d\u8003\u8651\u9700\u8981\u6e32\u67d3 HTML \u7ed3\u6784\u7684\u60c5\u51b5\uff0c\u8fd9\u79cd\u60c5\u51b5\u786e\u5b9e\u9700\u8981\u8fc7\u6ee4", "last_modified": 1587754192, "member_id": 112326, "id": 8877268}, {"member": {"id": 415526, "username": "tctc4869", "url": "u/tctc4869", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_mini.png?m=1635391445", "avatar_normal": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_normal.png?m=1635391445", "avatar_large": "https://cdn.v2ex.com/avatar/7fa8/b440/415526_large.png?m=1635391445", "created": 1558768286, "last_modified": 1635391445, "pro": 0}, "created": 1587779236, "topic_id": 665687, "content": "@buffzty \u5927\u591a\u6570\u60c5\u51b5\u4e0b\u53ef\u4ee5\u7528 orm \u6216 prepared statement \u5b9e\u73b0 sql \u9632\u6ce8\u5165\uff0c\u4f46\u4e5f\u6709\u4e0d\u5f97\u4e0d\u5fc5\u987b\u7528\u62fc\u63a5 sql \u8bed\u53e5\u7684\u65b9\u5f0f\u3002\u8fd9\u7c7b\u65b9\u5f0f\u591a\u6570\u662f\u590d\u6742\u7684\u67e5\u8be2\u8bed\u53e5", "content_rendered": "@buffzty \u5927\u591a\u6570\u60c5\u51b5\u4e0b\u53ef\u4ee5\u7528 orm \u6216 prepared statement \u5b9e\u73b0 sql \u9632\u6ce8\u5165\uff0c\u4f46\u4e5f\u6709\u4e0d\u5f97\u4e0d\u5fc5\u987b\u7528\u62fc\u63a5 sql \u8bed\u53e5\u7684\u65b9\u5f0f\u3002\u8fd9\u7c7b\u65b9\u5f0f\u591a\u6570\u662f\u590d\u6742\u7684\u67e5\u8be2\u8bed\u53e5", "last_modified": 1587779236, "member_id": 415526, "id": 8877618}, {"member": {"id": 240776, "username": "anUglyDog", "url": "u/anUglyDog", "website": "yimuc.com", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/4e50/7a60/240776_mini.png?m=1709641132", "avatar_normal": "https://cdn.v2ex.com/avatar/4e50/7a60/240776_normal.png?m=1709641132", "avatar_large": "https://cdn.v2ex.com/avatar/4e50/7a60/240776_large.png?m=1709641132", "created": 1500282160, "last_modified": 1709641132, "pro": 0}, "created": 1587790979, "topic_id": 665687, "content": "http://kude.me/view/article/7pz", "content_rendered": "http://kude.me/view/article/7pz", "last_modified": 1587790979, "member_id": 240776, "id": 8878278}, {"member": {"id": 129725, "username": "AV1", "url": "u/AV1", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/7631/061a/129725_mini.png?m=1759588504", "avatar_normal": "https://cdn.v2ex.com/avatar/7631/061a/129725_normal.png?m=1759588504", "avatar_large": "https://cdn.v2ex.com/avatar/7631/061a/129725_large.png?m=1759588504", "avatar_xlarge": "https://cdn.v2ex.com/avatar/7631/061a/129725_xlarge.png?m=1759588504", "avatar_xxlarge": "https://cdn.v2ex.com/avatar/7631/061a/129725_xxlarge.png?m=1759588504", "avatar_xxxlarge": "https://cdn.v2ex.com/avatar/7631/061a/129725_xxxlarge.png?m=1759588504", "created": 1438247199, "last_modified": 1759588504, "pro": 0}, "created": 1587797273, "topic_id": 665687, "content": "\u524d\u540e\u7aef\u5206\u79bb\u7528 react \u3001vue \u6846\u67b6\u6839\u672c\u5c31\u4e0d\u7528\u8003\u8651\u8fd9\u79cd\u4e8b\u60c5\uff0c\u56e0\u4e3a\u8fd9\u4e9b\u5de5\u5177\u672c\u6765\u5c31\u662f\u4f5c\u4e3a\u6587\u672c\u663e\u793a\u3002\u5948\u4f55\u5c31\u662f\u6709\u4eba\u559c\u6b22 jQuery\uff0c\u62fc\u63a5 HTML \u5b57\u7b26\u4e32\uff0c\u5230\u5904\u90fd\u662f\u6f0f\u6d1e\u3002", "content_rendered": "\u524d\u540e\u7aef\u5206\u79bb\u7528 react \u3001vue \u6846\u67b6\u6839\u672c\u5c31\u4e0d\u7528\u8003\u8651\u8fd9\u79cd\u4e8b\u60c5\uff0c\u56e0\u4e3a\u8fd9\u4e9b\u5de5\u5177\u672c\u6765\u5c31\u662f\u4f5c\u4e3a\u6587\u672c\u663e\u793a\u3002\u5948\u4f55\u5c31\u662f\u6709\u4eba\u559c\u6b22 jQuery\uff0c\u62fc\u63a5 HTML \u5b57\u7b26\u4e32\uff0c\u5230\u5904\u90fd\u662f\u6f0f\u6d1e\u3002", "last_modified": 1587797273, "member_id": 129725, "id": 8878622}, {"member": {"id": 432231, "username": "liuser666", "url": "u/liuser666", "website": "", "twitter": null, "psn": null, "github": null, "btc": null, "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/b8ec02fe3e41d8ed3919083ea9a93972?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/b8ec02fe3e41d8ed3919083ea9a93972?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/b8ec02fe3e41d8ed3919083ea9a93972?s=73&d=retro", "created": 1564130364, "last_modified": 1669882500, "pro": 0}, "created": 1587798035, "topic_id": 665687, "content": "\u524d\u7aef\u7528\u4e00\u4e0b\u7b97\u6cd5\u5bf9\u5b57\u7b26\u4e32\u52a0\u4e00\u5c42 hash \u7b49\u7b49\u518d webpack \u4e00\u4e0b\uff0c\u7136\u540e\u540e\u7aef\u540c\u6837\uff0c\u7aef\u53e3\u8981\u6c42\u5904\u7406\u7ed3\u679c\uff0c\u6700\u540e\u540e\u7aef\u5bf9\u6bd4\uff0c\u8ba9\u4ed6\u4e0d\u5f97\u4e0d\u4ece\u524d\u7aef\u8d70\u3002", "content_rendered": "\u524d\u7aef\u7528\u4e00\u4e0b\u7b97\u6cd5\u5bf9\u5b57\u7b26\u4e32\u52a0\u4e00\u5c42 hash \u7b49\u7b49\u518d webpack \u4e00\u4e0b\uff0c\u7136\u540e\u540e\u7aef\u540c\u6837\uff0c\u7aef\u53e3\u8981\u6c42\u5904\u7406\u7ed3\u679c\uff0c\u6700\u540e\u540e\u7aef\u5bf9\u6bd4\uff0c\u8ba9\u4ed6\u4e0d\u5f97\u4e0d\u4ece\u524d\u7aef\u8d70\u3002", "last_modified": 1587798035, "member_id": 432231, "id": 8878664}, {"member": {"id": 200123, "username": "sagaxu", "url": "u/sagaxu", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/a4b7/3b82/200123_mini.png?m=1735644881", "avatar_normal": "https://cdn.v2ex.com/avatar/a4b7/3b82/200123_normal.png?m=1735644881", "avatar_large": "https://cdn.v2ex.com/avatar/a4b7/3b82/200123_large.png?m=1735644881", "created": 1478431593, "last_modified": 1735644881, "pro": 0}, "created": 1587864452, "topic_id": 665687, "content": "@tctc4869 \u590d\u6742\u67e5\u8be2\u53ef\u4ee5\u62fc\u6a21\u677f\u62fc\u53c2\u6570\uff0c\u62fc SQL \u80fd\u505a\u7684\u62fc\u6a21\u677f\u5199\u6cd5\u4e5f\u5dee\u4e0d\u591a", "content_rendered": "@tctc4869 \u590d\u6742\u67e5\u8be2\u53ef\u4ee5\u62fc\u6a21\u677f\u62fc\u53c2\u6570\uff0c\u62fc SQL \u80fd\u505a\u7684\u62fc\u6a21\u677f\u5199\u6cd5\u4e5f\u5dee\u4e0d\u591a", "last_modified": 1587864452, "member_id": 200123, "id": 8880864}, {"member": {"id": 446598, "username": "fancy111", "url": "u/fancy111", "website": null, "twitter": null, "psn": null, "github": null, "btc": null, "location": null, "tagline": null, "bio": null, "avatar_mini": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_mini.png?m=1575423207", "avatar_normal": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_normal.png?m=1575423207", "avatar_large": "https://cdn.v2ex.com/avatar/69b6/fbd2/446598_large.png?m=1575423207", "created": 1571023123, "last_modified": 1575423207, "pro": 0}, "created": 1587864877, "topic_id": 665687, "content": "@aguesuka \u4f60\u5148\u641e\u61c2\u4ec0\u4e48\u53eb\u53ea\u7528 innertext\uff0c\u4f60\u8fd9\u4e2a\u8fc7\u6ee4\u662f\u9760 searchParams \u89e3\u6790\u540e\u8f6c\u5316\u7684\uff0c\u8fd8\u4e0d\u7528\u8fc7\u6ee4\uff0c\u4f60\u8fde\u4ec0\u4e48\u53eb\u8fc7\u6ee4\u90fd\u4e0d\u61c2\u3002\r\n\u53e6\u5916\u8c01\u4f1a\u8fd9\u4e48\u7528\uff1f\u4f60\u7f51\u7ad9\u4e0a\u663e\u793a\u7684\u5b57\u7b26\u90fd\u662f\u8fd9\u6837\u6765\u7684\u5417\uff1f \u641e\u7b11\u3002", "content_rendered": "@aguesuka \u4f60\u5148\u641e\u61c2\u4ec0\u4e48\u53eb\u53ea\u7528 innertext\uff0c\u4f60\u8fd9\u4e2a\u8fc7\u6ee4\u662f\u9760 searchParams \u89e3\u6790\u540e\u8f6c\u5316\u7684\uff0c\u8fd8\u4e0d\u7528\u8fc7\u6ee4\uff0c\u4f60\u8fde\u4ec0\u4e48\u53eb\u8fc7\u6ee4\u90fd\u4e0d\u61c2\u3002
\u53e6\u5916\u8c01\u4f1a\u8fd9\u4e48\u7528\uff1f\u4f60\u7f51\u7ad9\u4e0a\u663e\u793a\u7684\u5b57\u7b26\u90fd\u662f\u8fd9\u6837\u6765\u7684\u5417\uff1f \u641e\u7b11\u3002", "last_modified": 1587864877, "member_id": 446598, "id": 8880913}, {"member": {"id": 337996, "username": "xiaomimei", "url": "u/xiaomimei", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/avatar/a0a5/fef9/337996_mini.png?m=1541517862", "avatar_normal": "https://cdn.v2ex.com/avatar/a0a5/fef9/337996_normal.png?m=1541517862", "avatar_large": "https://cdn.v2ex.com/avatar/a0a5/fef9/337996_large.png?m=1541517862", "created": 1533192546, "last_modified": 1541517862, "pro": 0}, "created": 1587866924, "topic_id": 665687, "content": "\u770b\u697c\u4e0a\u7684\u6709\u4e9b\u4eba\uff0c\u5c31\u77e5\u9053\u5b89\u5168\u7ed9\u5f00\u53d1\u53cd\u9988\u6f0f\u6d1e\u7684\u65f6\u5019\u6709\u591a\u96be\u53d7\u4e86\u3002", "content_rendered": "\u770b\u697c\u4e0a\u7684\u6709\u4e9b\u4eba\uff0c\u5c31\u77e5\u9053\u5b89\u5168\u7ed9\u5f00\u53d1\u53cd\u9988\u6f0f\u6d1e\u7684\u65f6\u5019\u6709\u591a\u96be\u53d7\u4e86\u3002", "last_modified": 1587866924, "member_id": 337996, "id": 8881142}, {"member": {"id": 122674, "username": "stevenkang", "url": "u/stevenkang", "website": "https://xiaoi.me", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "\u963f\u91cc\u4e91 MVP \u6700\u6709\u4ef7\u503c\u4e13\u5bb6\u3002\r\n\u4e91\u6816\u535a\u5ba2\uff1ahttps://yq.aliyun.com/u/stevenkang", "avatar_mini": "https://cdn.v2ex.com/avatar/aac4/a294/122674_mini.png?m=1564821098", "avatar_normal": "https://cdn.v2ex.com/avatar/aac4/a294/122674_normal.png?m=1564821098", "avatar_large": "https://cdn.v2ex.com/avatar/aac4/a294/122674_large.png?m=1564821098", "created": 1434505093, "last_modified": 1564821098, "pro": 0}, "created": 1587869221, "topic_id": 665687, "content": "\u697c\u4e0a\u4e89\u6765\u4e89\u53bb\uff0c\u4e00\u7fa4\u4eba\u6309\u7167\u524d\u7aef\u6e32\u67d3\u7684\u89d2\u5ea6\u6765\u8bf4\uff0c\u4e00\u7fa4\u4eba\u6309\u7167\u540e\u7aef\u6e32\u67d3\u7684\u89d2\u5ea6\u6765\u8bf4\uff0c\u8fd9\u6837\u8ba8\u8bba\u95ee\u9898\u6beb\u65e0\u610f\u4e49\u3002\r\n\r\n# \u524d\u7aef\u6e32\u67d3\u65f6\r\n1 \u3001\u524d\u7aef\u8d1f\u8d23\u5904\u7406 XSS\uff0c\u7528 innerText \u53ef\u4ee5\u89e3\u51b3\u3002\r\n2 \u3001\u540e\u7aef\u8d1f\u8d23\u5904\u7406 SQL \u6ce8\u5165\uff0c\u7528 prepared statement \u53ef\u4ee5\u89e3\u51b3\u3002\r\n\r\n# \u540e\u7aef\u6e32\u67d3\u65f6\r\n1 \u3001\u524d\u7aef\u4e0d\u7528\u5904\u7406 XSS \u3001SQL \u6ce8\u5165\u3002\r\n2 \u3001\u540e\u7aef\u8d1f\u8d23\u5904\u7406 SQL \u6ce8\u5165\uff0c\u7528 prepared statement \u53ef\u4ee5\u89e3\u51b3\u3002\r\n3 \u3001\u540e\u7aef\u8fd8\u9700\u989d\u5916\u5904\u7406\u7528\u6237\u63d0\u4ea4\u7684\u6570\u636e\u5fc5\u987b\u8fdb\u884c HTML \u8f6c\u4e49\u540e\u518d\u6e32\u67d3\u8fd4\u56de\u7ed9\u524d\u7aef\u3002", "content_rendered": "\u697c\u4e0a\u4e89\u6765\u4e89\u53bb\uff0c\u4e00\u7fa4\u4eba\u6309\u7167\u524d\u7aef\u6e32\u67d3\u7684\u89d2\u5ea6\u6765\u8bf4\uff0c\u4e00\u7fa4\u4eba\u6309\u7167\u540e\u7aef\u6e32\u67d3\u7684\u89d2\u5ea6\u6765\u8bf4\uff0c\u8fd9\u6837\u8ba8\u8bba\u95ee\u9898\u6beb\u65e0\u610f\u4e49\u3002

# \u524d\u7aef\u6e32\u67d3\u65f6
1 \u3001\u524d\u7aef\u8d1f\u8d23\u5904\u7406 XSS\uff0c\u7528 innerText \u53ef\u4ee5\u89e3\u51b3\u3002
2 \u3001\u540e\u7aef\u8d1f\u8d23\u5904\u7406 SQL \u6ce8\u5165\uff0c\u7528 prepared statement \u53ef\u4ee5\u89e3\u51b3\u3002

# \u540e\u7aef\u6e32\u67d3\u65f6
1 \u3001\u524d\u7aef\u4e0d\u7528\u5904\u7406 XSS \u3001SQL \u6ce8\u5165\u3002
2 \u3001\u540e\u7aef\u8d1f\u8d23\u5904\u7406 SQL \u6ce8\u5165\uff0c\u7528 prepared statement \u53ef\u4ee5\u89e3\u51b3\u3002
3 \u3001\u540e\u7aef\u8fd8\u9700\u989d\u5916\u5904\u7406\u7528\u6237\u63d0\u4ea4\u7684\u6570\u636e\u5fc5\u987b\u8fdb\u884c HTML \u8f6c\u4e49\u540e\u518d\u6e32\u67d3\u8fd4\u56de\u7ed9\u524d\u7aef\u3002", "last_modified": 1587869221, "member_id": 122674, "id": 8881442}, {"member": {"id": 54849, "username": "viikker", "url": "u/viikker", "website": "", "twitter": "", "psn": "", "github": "", "btc": "", "location": "", "tagline": "", "bio": "", "avatar_mini": "https://cdn.v2ex.com/gravatar/e6ddf1c3b6d74a06fd2b9c142edf5b07?s=24&d=retro", "avatar_normal": "https://cdn.v2ex.com/gravatar/e6ddf1c3b6d74a06fd2b9c142edf5b07?s=48&d=retro", "avatar_large": "https://cdn.v2ex.com/gravatar/e6ddf1c3b6d74a06fd2b9c142edf5b07?s=73&d=retro", "created": 1390478505, "last_modified": 1390478505, "pro": 0}, "created": 1587870297, "topic_id": 665687, "content": "\u6ca1\u6709", "content_rendered": "\u6ca1\u6709", "last_modified": 1587870297, "member_id": 54849, "id": 8881580}] ubao msn snddm index pchome yahoo rakuten mypaper meadowduck bidyahoo youbao zxmzxm asda bnvcg cvbfg dfscv mmhjk xxddc yybgb zznbn ccubao uaitu acv GXCV ET GDG YH FG BCVB FJFH CBRE CBC GDG ET54 WRWR RWER WREW WRWER RWER SDG EW SF DSFSF fbbs ubao fhd dfg ewr dg df ewwr ewwr et ruyut utut dfg fgd gdfgt etg dfgt dfgd ert4 gd fgg wr 235 wer3 we vsdf sdf gdf ert xcv sdf rwer hfd dfg cvb rwf afb dfh jgh bmn lgh rty gfds cxv xcv xcs vdas fdf fgd cv sdf tert sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf shasha9178 shasha9178 shasha9178 shasha9178 shasha9178 liflif2 liflif2 liflif2 liflif2 liflif2 liblib3 liblib3 liblib3 liblib3 liblib3 zhazha444 zhazha444 zhazha444 zhazha444 zhazha444 dende5 dende denden denden2 denden21 fenfen9 fenf619 fen619 fenfe9 fe619 sdf sdf sdf sdf sdf zhazh90 zhazh0 zhaa50 zha90 zh590 zho zhoz zhozh zhozho zhozho2 lislis lls95 lili95 lils5 liss9 sdf0ty987 sdft876 sdft9876 sdf09876 sd0t9876 sdf0ty98 sdf0976 sdf0ty986 sdf0ty96 sdf0t76 sdf0876 df0ty98 sf0t876 sd0ty76 sdy76 sdf76 sdf0t76 sdf0ty9 sdf0ty98 sdf0ty987 sdf0ty98 sdf6676 sdf876 sd876 sd876 sdf6 sdf6 sdf9876 sdf0t sdf06 sdf0ty9776 sdf0ty9776 sdf0ty76 sdf8876 sdf0t sd6 sdf06 s688876 sd688 sdf86