-
Notifications
You must be signed in to change notification settings - Fork 13
/
xss3.html
20 lines (16 loc) · 941 Bytes
/
xss3.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
<html><body>
<script>
/* for debug, remove from production */
console.log('name = $name');
</script>
Mighty <div id='namediv'></div>, compose your email now:
<form>To: <input type='text'></input><br>
Subject: <input type='text'></input><br>
Content: <textarea></textarea><br>
<input type="button" value="Send!"/>
</form>
<script>
var urlparser = new URLSearchParams(window.location.search);
document.getElementById('namediv').innerHTML = urlparser.get('name');
</script>
</body></html>