XSS过滤在线测试


在下面文本框输入任意HTML

输出 用时 6毫秒

<h1>XSS Demo</h1>

<p>
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist.
</p>

&lt;form&gt;
  &lt;input type="text" name="q" value="test"&gt;
  &lt;button id="submit"&gt;Submit&lt;/button&gt;
&lt;/form&gt;

<pre>hello</pre>

<p>
  <a href="http://jsxss.com">http</a>
  <a href="https://jsxss.com">https</a>
  <a href="ftp://jsxss.com">ftp</a>
  <a href>other1</a>
  <a href="/other2">other2</a>
  <a href="#">other3</a>
</p>

<h3>Features:</h3>
<ul>
  <li>Specifies HTML tags and their attributes allowed with whitelist</li>
  <li>Handle any tags or attributes using custom function</li>
</ul>

&lt;script type="text/javascript"&gt;
alert(/xss/);
&lt;/script&gt;
      

预览

XSS Demo

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist.

<form> <input type="text" name="q" value="test"> <button id="submit">Submit</button> </form>
hello

http https ftp other1 other2 other3

Features:

  • Specifies HTML tags and their attributes allowed with whitelist
  • Handle any tags or attributes using custom function
<script type="text/javascript"> alert(/xss/); </script>