What is the meaning of - before an alert(1) and what is the meaning of // at the end of code?
<script>
var searchTerms = '\\'-alert(1)//';
document.write('<img src="/resources/images/tracker.gif?searchTerms='+encodeURIComponent(searchTerms)+'">');
</script>
It means to essentially get the negative of the (non-existent) return value of alert(1)
.
The last part appears to be an empty regex also serving to escape out the final single quote.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.