> Here's a snapshot of the related code:
>
> <form action="blahblah.php" method="post">
> document.write: <input type="text" name="p1" size="60" value="ggggg">
> <input type="submit" value="reflect">
> <pre><script>document.write("gggggg");</script></pre>
> </form>
Is this some sort of homework?
> So as you see all reflection points are in double quotes and all key
> characters are blocked off as mentioned earlier.
>
> An input in the text box of: < > : ; " ' ` = ( ) / \ * is reflected back as:
> < > : ; " ' ` = ( ) / \ *
> Here's a snapshot of the related code:
>
> <form action="blahblah.php" method="post">
> document.write: <input type="text" name="p1" size="60" value="ggggg">
> <input type="submit" value="reflect">
> <pre><script>document.write("gggggg");</script></pre>
> </form>
Is this some sort of homework?
> So as you see all reflection points are in double quotes and all key
> characters are blocked off as mentioned earlier.
>
> An input in the text box of: < > : ; " ' ` = ( ) / \ * is reflected back as:
> < > : ; " ' ` = ( ) / \ *
You need to target the document.write() call.
[ reply ]