I was looking over the WebGoat exercises, and for one question they ask that you create a JavaScript alert using an img tag.
Their solution is thus:
<img src=x onerror=;;alert('XSS') />
Looking at their solution, I wonder why two (as opposed to just one) semicolons are necessary before the actual alert?
Indeed, the semicolons aren't necessary. I just tested the same tag without the semicolons on FF5 and the latest Chrome; they both show the alerts with these:
<img src=x onerror=;;alert('XSS') />
<img src=x onerror=alert('XSS') />
<img src="x" onerror="alert('XSS')" />
I think they are trying to stop the onerror event with the first semicolon, then output the bogus code outside the event in the alert.
I tried this:
<img src=x onerror=alert('eventfire');;alert('XSS') />
and it encloses both alerts inside the event, so it's not running the second alert outside the event scope.
Answer? It seems to be doing the same thing without the semicolons (maybe they are there for old browsers that parse the HTML poorly and execute the alert outside the scope of the event???)