JavaScript
1. Where JavaScript can run:
(1) <stript></stript>Between HTML
such as:
<stript>
function changetext(id)
{
id.innerHTML="谢谢!";
}
</stript>Or, in the HTML event attribute:
for example:
<h1 onclick="changetext(this)">请点击这里</h1>#When you click it, the changetext () function will be executed, and then the page displays "Thank you!"
(2) In the browser, click on the small circle on the left side of the JavaScript console to enter the code
JavaScript syntax
JavaScript syntax follows ECMAScript standard
ECMAScript contains syntax specifications, etc.
JavaScript executes dynamic effects
JavaScript DOM
1. Get HTML element content:
Step 1: Get element
getElementByld () Get element by id
Step 2: Get element content.
InnerHTML: Get element content
For example: www.baidu.com
F12 shortcut key-> options in the developer tools (leftmost box + arrow logo)-> select an area of the page-> id = "" copy the content-> console operation
Console control Desk operation document.getElementById ("form"). InnerHTML and finally press Enter to get the content of the element
Tips:
the shortcut key to return to the previous content
2. Modify HTML element content
Directly after the operation of the Console console after obtaining the content of the HTML element, the assignment operation of "=" is performed after "innerHTML".
Here I form a frame, yes, it can be seen that it is a little flawed
Tips:
assignment in = Double quotation marks are required after the number, and single quotation marks are used if double quotation marks are involved in the use of quotation marks
Dynamically create HTML element content:
1. Use the document.write () function
write () in the Console to write the content of the element to be created
2. Create a warning box dynamically:
"Login" in the developer tool options page, find the following element οnclick = "return false", change the return false in "" to alert (1), and a warning will pop up on the page
GOOD JavaScript
BOM (Browser Object Model): Connect the browser to the programming language
1. Three types of browsers warn users of pop-ups:
(1) Alert pop-up alert ()
(2) Confirm pop-up confirm ()
(3) Prompt pop-up prompt ()
Tips:
These functions are used for simple debugging and information display,
such as: xss vulnerability test, used to warn the existence of browser vulnerabilities
2. How to get the user's cookie from the browser:
Cookie is usually a small piece of text information sent by the server to the client,
such as: when the user enters the account password to log in to the website, the website will generate a cookie for the user as a user credential, equivalent to our The key to
get cookies is a commonly used method of vulnerability exploitation in web security
(1) Get cookie:
Enter document.cookie in Console
(2) Write cookie:
document.cookie = "", "" The content is the written information,
and then get the cookie content at the end of the cookie value will be more Write out value
3. Get browser screen information:
(window.) Screen
4. Get / control user page URL
(window.) Location / window.location.href
to window.location.href = "" assignment, the current page will jump The address in "" is
similar to the operation of window.open/close
