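Part 1
Testing the browser's parsing order by encoding <a href="javascript:alert(1)">aaa</a>:
The decoding order is: HTML entity encoding is decoded first, then URL encoding.
Note: the ':' is part of the protocol.
1. HTML-entity-encode javascript:alert(1):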
<a href="javascript:alert(1)">ggg</a>
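The test pops the alert. The browser decodes HTML anyway; the key point is the order: HTML entity encoding is decoded first, then the URL.
2. HTML-entity-encode the protocol and URL-encode alert(1):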
<a href="javascript:%61%6c%65%72%74%28%31%29">fff</a>
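The test pops the alert. HTML entity decoding first recovers the javascript: protocol; when the URL is then parsed the protocol is acted on, and the URL-encoded part that follows is decoded along with it. So the alert appears.
3. URL-encode everything: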
<a href="%6a%61%76%61%73%63%72%69%70%74:%61%6c%65%72%74%28%31%29">cccc</a>
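The test does not pop the alert. HTML entity decoding finds nothing to decode and leaves the URL encoding untouched; the value is handed to URL decoding, which restores the protocol, but by then the step that acts on the protocol has already run, so the protocol is not executed. The decoded protocol is visible in the URL, which is not the case in the first two examples.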
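The decode order described above, written out as an added example (not code from the original page) that classifies an href the way the three tests behave, so that a sanitizer checks the scheme after entity decoding rather than before. The function names, the small named-entity table and the scheme allowlist are assumptions; the first two sample values are constructed by the code and the third is the page's own example 3.

```javascript
// Added example: models the decode order for an href attribute value.
const NAMED = new Map([['colon', ':'], ['amp', '&'], ['lt', '<'], ['gt', '>'], ['quot', '"']]);

// Step 1: the HTML parser decodes character references (numeric, plus a small named subset).
function decodeHtmlEntities(s) {
  return s.replace(/&(?:#x([0-9a-f]+);?|#([0-9]+);?|([a-z]+);)/gi, (m, hex, dec, name) => {
    if (name !== undefined) return NAMED.has(name) ? NAMED.get(name) : m;
    const cp = hex !== undefined ? parseInt(hex, 16) : parseInt(dec, 10);
    return cp > 0 && cp <= 0x10ffff ? String.fromCodePoint(cp) : '\ufffd';
  });
}

// Steps 2 and 3: the URL parser reads the scheme from the still percent-encoded
// string; only a javascript: body is then percent-decoded into script source.
function classifyHref(attrValue) {
  const url = decodeHtmlEntities(attrValue)
    .replace(/^[\x00-\x20]+|[\x00-\x20]+$/g, '') // URL parser trims C0 controls and spaces
    .replace(/[\t\r\n]/g, '');                   // and drops tab, CR, LF anywhere
  const m = /^([a-z][a-z0-9+.-]*):/i.exec(url);
  if (!m) return { scheme: null, script: null }; // no scheme: handled as a relative URL
  const scheme = m[1].toLowerCase();
  if (scheme !== 'javascript') return { scheme, script: null };
  const body = url.slice(m[0].length);
  try {
    return { scheme, script: decodeURIComponent(body) };
  } catch {
    return { scheme, script: body }; // malformed escapes: keep the raw body (simplification)
  }
}

// Sanitizer check (assumed allowlist): decide on the scheme the browser will see.
const ALLOWED = new Set(['http', 'https', 'mailto']);
function isSafeHref(attrValue) {
  const { scheme } = classifyHref(attrValue);
  return scheme === null || ALLOWED.has(scheme);
}

// Sample values: the first two are constructed here, the third is the page's example 3.
const toEntities = (s) => [...s].map((c) => `&#${c.codePointAt(0)};`).join('');
const CASES = {
  allEntities: toEntities('javascript:alert(1)'),
  entitySchemeUrlBody: toEntities('javascript:') + '%61%6c%65%72%74%28%31%29',
  allPercent: '%6a%61%76%61%73%63%72%69%70%74:%61%6c%65%72%74%28%31%29',
};
for (const [name, value] of Object.entries(CASES)) {
  console.log(name, classifyHref(value), 'safe:', isSafeHref(value));
}
```

A filter that inspects the raw attribute text for the string "javascript:" misses the first two cases, which is why the check runs on the entity-decoded value.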
Part 2
Java
Requires Tomcat
Front end:
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
    <form action="/login" method="post">
        <input type="text" name="username" id="user">
        <input type="password" name="password" id="pwd">
        <input type="submit" value="submit">
    </form>
</body>
</html>
Back end:
package com.test;

import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebServlet("/login")
public class LoginServlet extends HttpServlet {
    @Override
    public void doPost(HttpServletRequest req, HttpServletResponse rep) throws ServletException, IOException {
        // Read the submitted form fields
        String username = req.getParameter("username");
        String password = req.getParameter("password");
        System.out.println("Username: " + username);
        System.out.println("Password: " + password);
        rep.setContentType("text/html;charset=UTF-8");
        // The submitted values are written into the HTML response as-is, without escaping
        rep.getWriter().println("Login successful!\n" + username + password);
    }
}
PHP
Front end:
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Document</title>
</head>
<body>
    <form action="test1.php" method="post">
        <input type="text" name="username" id="">
        <input type="password" name="password" id="">
        <input type="submit" value="submit">
    </form>
</body>
</html>
Back end:
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $user = $_POST["username"];
    $passwd = $_POST["password"];
    // The submitted username is echoed back as-is, without escaping
    echo $user;
}
?>
Python
Front end:
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Document</title>
</head>
<body>
    <form action="http://localhost:8000/login" method="post">
        <input type="text" name="username" id="">
        <input type="password" name="password" id="">
        <input type="submit" value="submit">
    </form>
</body>
</html>
Back end:
from flask import Flask, request

app = Flask(__name__)

# Define the route with a decorator
@app.route('/login', methods=['GET', 'POST'])
def login():
    username = request.form.get('username')  # receive the submitted data
    password = request.form.get('password')
    print('username:', username)
    return 'login successfully'

if __name__ == '__main__':
    # The form above posts to port 8000; Flask's default port is 5000
    app.run(debug=True, port=8000)