是否有可能快速连续重新加载iframe? [英] Is it possible to reload iframes in a quick succession?
问题描述
我目前正在开发一个项目,其中包括在不同浏览器中测试XSS有效载荷。目标是找出,如果有效载荷仍然有效,或不。
我接近这个问题的方法是将每个有效载荷加载到一个单独的或新的iframe中。由于我将测试大量的有效载荷,因此只需为每个有效载荷指定一个专用的iframe似乎不可行。因此,我需要一个接一个地将有效载荷加载到iframe中。
我尝试通过设置iframe的src-Attribute来重新加载iframe,如下所示:
function testing_iframe2(iframe_id,payload){//一次有效,但不能testing_iframe2(frame1,'< button onfocus =alert(1)autofocus>'); testing_iframe2(frame1 ,'< svg / onload =alert(4)>');
< html>< body>< iframe id =frame1class =frames>< / iframe>< / body>< / html> $ b
$ b
所以这里是我的问题:
是否可以快速连续加载/重新加载/创建+删除iframe?这个问题非常感谢)
解决方案试试这个 b
$ b
< iframe id =iframe1>< / iframe>
I'm currently working on a project which includes testing XSS payloads in different browsers. The goal is to find out, if the payloads are still working, or not.
The way I'm approaching this problem is by loading each payload in a seperate, or new, iframe. Since I will be testing a ton of payloads, simply specifying one dedicated iframe per payload doesn't seem feasible. Therefore I need to load the payloads into iframes one after another.
I've tried reloading the iframe by setting the src-Attribute of the iframe like the following:
function testing_iframe2(iframe_id,payload)
{
//Does work one time, though not consecutively
document.getElementById(iframe_id).src = "data:text/html," + payload;
}
testing_iframe2("frame1",'<button onfocus="alert(1)" autofocus>');
testing_iframe2("frame1",'<svg/onload="alert(4)">');
<html>
<body>
<iframe id="frame1" class="frames"></iframe>
</body>
</html>
As you can see, only the second payload is executed.
So here is my question:
Is it possible to load/reload/create+delete iframes in a quick succession?(Of course, any other solutions to the problem are gladly appreciated)
解决方案 Try this
var iframe = document.getElementById("iframe1");
var testes = [
'<svg onload="alert(1);" />',
'<svg onload="alert(2);" />'
];
iframe.onload = function(){
if(testes.length > 0){
iframe.src = "data:text/html," + testes.shift();
}
}
iframe.onload();
<iframe id="iframe1"></iframe>
这篇关于是否有可能快速连续重新加载iframe?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
