一、利用正则验证用户名
[a-zA-Z0-9_-]
:匹配任意字母、数字、下划线或破折号。{3,16}
:限制用户名的长度在6到16个字符之间。
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
</head>
<body>
<form>
<input type="text" id="username" name="username" pattern="[A-Za-z0-9_-]{6,16}" required>
<input type="submit" value="提交">
<div class="error-message">用户名必须由6到16个字符的字母、数字组成。</div>
</form>
</body>
</html>
二、跨域postmessage
验证跨域:在子页面里接受到返回值和发送消息到子页面,实现跨域
子页面
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>2023</title>
</head>
<body>
<div>
<h1>2024.security.pw</h1>
</div>
</body>
<script>
window.addEventListener('message', (event) => {
if (event.origin === 'http://2024.oupeng.pw') {
const cookieData = event.data;
//处理cookieData
console.log('Receive message from parent:', cookieData);
window.parent.postMessage('child message', '*');
}
})
</script>
</html><!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>2023</title>
</head>
<body>
<div>
<h1>2024.security.pw</h1>
</div>
</body>
<script>
window.addEventListener('message', (event) => {
if (event.origin === 'http://2024.oupeng.pw') {
const cookieData = event.data;
//处理cookieData
console.log('Receive message from parent:', cookieData);
window.parent.postMessage('child message', '*');
}
})
</script>
</html>
父页面
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>iframe</title>
</head>
<body>
<iframe id="myIframe" src="http://2024.security.pw/" frameborder="0"></iframe>
</body>
<script>
window.onload = function() {
document.cookie = 'sessionid=oupeng'
const cookieData = document.cookie
window.frames[0].postMessage(cookieData, 'http://2024.security.pw/');
}
//添加一个监听事件处理子页面的返回消息
window.addEventListener('message', (event) => {
if(event.origin === 'http://2024.security.pw')
console.log('Received message from child:', event.data);
})
</script>
</html>