方法如下:
/**
* [hasIllegalChar 判断是否含有script非法字符]
* @param {[type]} str [要判断的字符串]
* @return {Boolean} [true:含有,验证不通过;false:不含有,验证通过]
*/
function hasIllegalChar(str) {
return new RegExp(".*?script[^>]*?.*?(<\/.*?script.*?>)*", "ig").test(str);
}
完整代码
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title></title>
<link rel="stylesheet" href="">
</head>
<script>
/**
* [hasIllegalChar 判断是否含有script非法字符]
* @param {[type]} str [要判断的字符串]
* @return {Boolean} [true:含有,验证不通过;false:不含有,验证通过]
*/
function hasIllegalChar(str) {
return new RegExp(".*?script[^>]*?.*?(<\/.*?script.*?>)*", "ig").test(str);
}
</script>
<body>
<div>
<input type="text" name="search">
<span id="err" style="color:red"></span>
</div>
</body>
<script>
var ipt = document.getElementsByName("search")[0];
var err = document.getElementById("err");
ipt.onblur = function () {
err.innerText = hasIllegalChar(this.value)?"含有非法字符":"";
}
</script>
</html>
效果如下