Author: nerd does not speak
Brief description:
It's very funny, but I can give you an xss after using your computer.
Detailed description:
Know the id of the target user. Execute js www.2cto.com in the current domain.
LocalStorage. setItem (": USER:", '{"54 lvwei": {"value": {"store": {"recentFollowers": {"value ": "hellolvwei "}}}}}');
Yes, it works better with xss reflection.
Proof of vulnerability:
Solution:
Filter and verify the data
Use Localstorage in HTML5 to get the number of pages accessedDOCTYPE HTML>HTML> Head> MetaCharSet= "Utf-8"> title>title> Head> Body> DivID= "box">Div> Scripttype= "Text/javascript"> functionSetstorage () {if(localstorage.counter) {Localstorage.counter=Number (Localstorage.counter)+1; }Else{Localstorage.counter=1; } returnLocalstorage.counter; } varcounter=Setstorage (); varOBox=
Studied a morning, and finally made a real-time access to local localstorage to simulate registration login ~ ~ ~ User name: Secret nbsp; nbsp; code: Confirm password: //var data={"name": "admin", "pwd": "N"}; function Personalinfo (name,pwd) {This.name=name;This.pwd=pwd;}personalinfo.prototype.savalocalstorage= function () {var storage=window.localstorage.getitem ("Personalinfo");//The data obtained is a stringStorage=json.parse (stor
In the process of learning JS, according to the knowledge points to write some code to test, in order to verify.This procedure uses the following knowledge points:1.regexp, pattern matching of data2. Use the Location object for page jumps.Use of local storage such as 3.cookie/localstorage for= "Inp1" id= "Label1" >User name: for= "Inp2" id= "Label2" >Password:1.regexp notesA.[] and meta data1) [character] understood as the opposite bracket specific co
Just look at the code.1, the introduction of Ueditor and Ueditor use I will not elaborate on the details please poke http://blog.csdn.net/wangdianyong/article/details/397807092, ueditor.jsp${param.content}Localstorage.js$ (document). Ready (function () {if (!window.localstorage) {Alert (' Your browser does not support Localstorage technology! ');} else {var spanobj = $ ("span");Alert ("Spanobj" + spanobj);var Savetimer = setinterval (function () {var
For more information, please see:Http://www.cnblogs.com/beiyuu/archive/2011/07/20/js-localstorage-userdata.htmlThe demo code involved is as follows:There is a more practical technique to prevent the page from closing, display the close page Confirmation popup , the reference code is as follows:Window.onbeforeunload = function () {if (!canleavepage ()) {return (' Confirm leaving the current page? Unsaved data will be lost! ‘);}};JS Local Storage Inform
limitPreviously, these were all done by cookies. However, cookies are not suitable for storing large amounts of data because they are passed by each request to the server, which makes the cookie slow and inefficient. for different sites, the data is stored in different regions, and a Web site can only access its own data. Access to it is also very simpleSessionstorage.propnamelocalstorage.propname, directly the name as a property of Sessionstorage and Local
Talk about these two properties Sessionstrong and Localstorage are HTML5 new point attributes that are used to record some data in the browser.The difference between the two sessionstrong the stored data is temporary, and when the browser is switched off, the stored data will be erased.Localstorage stored data is long-term, when the browser is turned off, the stored data will be saved in the browser.The data stored in the database can be found in the
What is Web storage? Web Storage function, as the name implies, is on the web for the client to store data locally, specifically, the Web storage is divided into two kinds;Sessionstorage:Save the data in the session object, the so-called session refers to the user when browsing a site, from entering the site to the browser close the time elapsed, that is, the user to browse the site time spent. The session object can be used to hold any data that is required to be saved during this time period.
Scene:Loading a page, JS needs to get some data through Ajax requestSo every time you refresh the page there is a request, if the data on the real-time requirements are not high, obviously this is not advisable.How to reduce the pressure on the service side, using Localstorage can solve this problem.Suppose the ID is part of the other K value to be stored.var flag=0,k=null,v_arr=[],v_time=0,v= ';var cday = new Date (). GetDate ();var k = Window.localS
Store.js is a localstorage wrapper that is compatible with all browsers, without the use of cookies or Flash. Store.js will automatically choose to use Localstorage, Globalstorage, or userData to implement local storage capabilities according to the browser.
Store.js provides a very concise API to enable Cross-browser local storage capabilities:?
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17-18
This article mainly introduces the Android WebView how to use the Localstorage method of the relevant information, the need for friends can refer to the
I use HTML5 's Localstorage on Android.
Why can't you read it or not?
A lot of search on the internet has no effect
? mainwebview = (WebView) This.findviewbyid (R.id.mainwebview);
WebSettings settings = Mainwebview.getsettings ();
Settings.setjavascri
When developing a Web page based on micro-trust, it was found that some models could not store information in Localstorage, or that once the page was closed, the stored information was invalidated.
Use cookies instead of Localstorage to store some simple data. Search the Internet, found that W3school has a good solution.
To set Cookies:
function Setcookie (c_name,value,expiredays)
{
var exdate=new
About strings and objects
1.localStorage can only save strings, if the object directly into the Localstorage, then directly save the string object
2. If you call Localstorage's GetItem ("carts") method, the information obtained is also a string
3.js and String conversions
JS Object----> string: var str=json.stringfy (JS object)
String----->js object: var obj=json.parse (string);
such as strings and object
HTML5 provides two new ways to store data on the client:Localstorage (): Data storage with no time limitSessionstorage (): Data storage for a sessionThe following example uses the Localstroage () method to count the number of times a user accesses a pageYou can see the number of visits visits:1 times after you run this code. The number of times you refresh the page continues to grow. When the page is closed, it will continue to grow on its original basis. The following example uses the Sessions
Counter, refresh the page to see the effect:It is important to note thatHTML5 Local storage can only store strings, and any format stored will be automatically converted to strings, so when reading, you need to do a type of conversion. This is why parseint must be used in the previous code . The following address is recommended for learning:Http://www.cnblogs.com/xiaowei0705/archive/2011/04/19/2021372.htmlHTML5 Localstorage Local Storage
In the previous article, we used this file. Now let's simply analyze its mechanism. Let's just look at the comment and then OK:
/*** Backbone localStorage Adapter * Version 1.1.0 ** https://github.com/jeromegn/Backbone.localStorage */(function (root, factory) {if (typeof define = "function" define. amd) {// AMD. register as an anonymous module. define (["underscore", "backbone"], function (_, Backbone) {// Use global variables if the locals are undef
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.