Clever Geek Handbook

How do I run a script in HTML without a <script> tag?

enter image description hereI'm using WaveMaker's low code development platform right now, and it gives you the ability to customize the "markup" of the page (HTML but you can't edit <head>

, it's all weird), Javascript of the page, especially with events like onpageload, etc. , page style (CSS) and page variables (JSON). I'm trying to implement a Formstack of a form, but every time the markup section encounters a tag <script>

, it removes everything after the tag ends. This is what the markup page looks like. I contacted support and they seemed to indicate that it was on purpose. Is there a way to make the HTML version of the script included in a string without being told <script>

? PS: I would be able to implement with iFrames, but for some reason iFrames are not working on the iPhone test program even though they are running on a simulator.

+5
javascript html wavemaker


source to share


3 answers


What you can do is put it in an HTML event attribute.

<body onload="/*your JS here*/">

</body>


If that doesn't work, try attaching onload to another HTML element, or try one of the other event handlers (although I believe they should have taken that into account as well)

+4


source to share


How about this:



<body onload="javascript:(function(){
// you can place your code here it should run
alert('ok')
})()">

</body>
0


source to share


In Avatao Senior the Career the Path have the Career hacking task to which you want to insert malicious JavaScript code, but the & lt; script & gt; filtered by tags (no other tags). Aenadon's answer gave me one solution:

<body onload="your JS here"> </body>

After submitting, I checked the official solution and found that:

<img src="x" onerror=alert('xss')>
0


source to share






More articles:


All Articles
Loading...
X
Show
Funny
Dev
Pics