我正在尝试创建一个简单的表单并对该表单执行 XSS 攻击。
但是当我在任何字段上输入 <script>alert("Hello")</script> 但没有任何反应时。
虽然尚未添加输入验证。按钮功能目前运行良好
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<?php
// put your code here
?>
<td width="615">
<table cellspacing="0" cellpadding="0" width="614" border="0">
<tbody>
<tr>
<td bgcolor="#333333"></td>
</tr>
</tbody>
</table>
<table cellspacing="0" cellpadding="0" width="614" border="0">
<tbody>
<tr bgcolor="#ecece0"></tr>
<tr bgcolor="#333333"></tr>
</tbody>
</table>
<font face="Arial">
<title>BadStore.net - Sign our Guestbook</title>
<h1>Sign our Guestbook!</h1>
<hr><p>Please complete this form to sign our Guestbook. The email field is not required, but helps us contact you to respond to your feedback. Thanks!</p><p></p><hr>
<table border="0" celllpadding="10">
<form method="post" action="<?php echo $_SERVER["PHP_SELF"];?>">
<tbody>
<tr>
<td>Your Name:</td> <td><input type="text" name="name" size="30"></td>
</tr>
<tr>
<td>Email:</td> <td><input type="text" name="email" size="40"></td>
</tr>
<tr>
<td valign="TOP">Comments:</td>
<td><textarea name="comments" cols="60" rows="4"></textarea></td>
</tr>
</tbody>
</table>
<hr>
<center><input type="submit" value="Add Entry"> <input type="reset"></center></font></td>
</form>
</body>
</html>