脚本格式
<scriptCode>alert(1)
</scriptCode>
function exeScript(str){
str = str.replace(
/(^\s*)|(\s*$)/g,
"");
var exp =
/(\<scriptCode\s*\>([^\<]+)(\<\s*\/\s*scriptCode\s*\>)?|[^\<scriptCode\>]+)/gim;
var resulet = str.match(exp);
for(
var i
in resulet){
var code = resulet[i].replace(exp,
"$2");
try{
if(
window.execScript) {
window.execScript(code);
}
else {
window.eval(code);
}
}
catch(e){}
}
}
转载请注明原文地址: https://ju.6miu.com/read-963286.html
