JavaScript变量的值会自动转义
[英]JavaScript variable's value is automatically unescaped
问题描述
<script>
test('test.php?a=%3D');//alert(1)
function test(a){
alert(a);
if(a == 'test.php?a=%3D'){
alert(1);
}else{
alert(2);
}
}
</script>
<a href="javascript:test('test.php?a=%3D')">aaa</a > <!-- alert(2) -->
why two different ways get different results? 
为什么两种不同的方式获得不同的结果? can anyone help me? 谁能帮我? thank you very much! 非常感谢你!
2 个解决方案
解决方案1
1 已采纳 2016-11-21 04:43:50
Let's analyze these two scenarios: 让我们分析以下两种情况:
test('test.php?a=%3D');//alert(1)test.php?a=%3Dis considered as a variable.test('test.php?a=%3D');//alert(1)test.php?a=%3D被视为变量。<a href="javascript:test('test.php?a=%3D')">aaa</a > <!-- alert(2) -->test.php?a=%3Dis considered as an URL with query string and%3Dconverts to=.<a href="javascript:test('test.php?a=%3D')">aaa</a > <!-- alert(2) -->test.php?a=%3D被视为带有查询字符串和%3DURL转换为=。 So the complete result istest.php?a==所以完整的结果是test.php?a==
That's the reason these two values are different. 这就是这两个值不同的原因。 Again, consider the code which is shown below - test.php?a=%3D is considered as a variable, so result is alert(1) . 再次考虑下面显示的代码test.php?a=%3D被视为变量,因此结果为alert(1) 。
<input type="button" value="Click" onclick="javascript:test('test.php?
a=%3D')"/>
解决方案2
0 2016-11-21 04:18:19
You have error in your code 您的代码有误
Line 12 12号线
<a href="javascript" click="test('test.php?a=%3D'">aaa</a > <!-- alert(2) -->
Change this line and try 更改此行并尝试
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.