Home >Web Front-end >JS Tutorial >Disguised judgment code for cross-domain form submission status_javascript skills
Disguised judgment code for cross-domain form submission status_javascript skills
- WBOYOriginal
- 2016-05-16 18:42:021209browse
Thinking about it, if the internal page information of the iframe can be obtained at first, then when it cannot be obtained, doesn't it mean that the form has been submitted~
We found that the information in the lower right corner of Baidu's bidding is also judged by this method. You can refer to it.
Example:
test.html:
Copy code The code is as follows:
<script> <br>document.testform.onsubmit = function () { <br>document.testform.submitbtn.disabled = true; <br>submitMonitor(); <br><br>} <br>function submitMonitor () { <br>try{ <br>var hash = document.getElementById(' testiframe').contentWindow.location.hash; <br>setTimeout(submitMonitor,100); <br>} catch (e) { <br>document.getElementById('testiframe').src = "about:blank"; <br>document.testform.submitbtn.disabled = false; <br>} <br>} <br></script>
Note that the following code is Cross-domain, not under the same domain name
testaction.php
Copy code The code is as follows:
sleep(5);
echo $_POST['dddd'];
?>
Disadvantages:
This disadvantage It is also obvious that if it is a 404, 403, 500, etc. error, it will be mistaken for a successful submission.
So, please note: this method is for research and is used to develop thinking.
This is Baidu’s judgment code
Copy the code The code is as follows:
var sfMessTimes ;
function sfMessSubmitMonitor () {
try{
var hash = sf_mess_lib.getElement(SF_MESS_FRAME_ID).contentWindow.location.hash;
sfMessTimes ;
if (sfMessTimes > 5 0) {
alert(sf_mess_msg.fail); < l; i ) {
document.getElementById(SF_MESS_PREFIX sf_mess_cols[i].idname).disabled = false;
}
} catch (e) {
sf_mess_lib.getElement(SF_MESS_FRAME_ID).src = "about:blank";
alert(sf_mess_msg.success);
sf_mess_lib.getElement(SF_MESS_SUBMIT_ID).disabled = false;
for (var i = 0, l = sf_mess_cols.length; i < l; i ) {
var inputCfg = sf_mess_cols[i]; var inputEl = document.getElementById(SF_MESS_PREFIX inputCfg.idname);
inputEl.disabled = false;
inputEl.value = filtInnertip(inputCfg.innertip);
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:javascript currying functions that return functions_javascript tipsNext article:javascript currying functions that return functions_javascript tips
Related articles
See more- An in-depth analysis of the Bootstrap list group component
- Detailed explanation of JavaScript function currying
- Complete example of JS password generation and strength detection (with demo source code download)
- Angularjs integrates WeChat UI (weui)
- How to quickly switch between Traditional Chinese and Simplified Chinese with JavaScript and the trick for websites to support switching between Simplified and Traditional Chinese_javascript skills