Filtering Dangerous Scripts in WYSIWYG Editors, Part 2


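<textarea id="bug" cols="80" rows="5"><a onclick="test();test1()" onblur="test3()">test</a></textarea>
<button id="kick">Catch bug 2</button>
<script>
// Strip inline event-handler attributes (onclick, onblur, ...) from every tag.
function kickBug(str) {
  // Outer pass: the inside of each opening tag, up to but not including ">".
  return str.replace(/<[a-z][^>]+/ig, function ($0) {
    // Inner pass: whitespace, on<event>, "=", then a double-quoted,
    // single-quoted or unquoted value. Requiring leading whitespace keeps
    // attributes such as content="..." from matching on "ontent=".
    return $0.replace(/\s+on[a-z]+\s*=\s*("[^"]*"|'[^']*'|[^\s]+)/ig, "");
  });
}
// Shim for older Firefox versions, which had textContent but no innerText.
HTMLElement.prototype.__defineGetter__("innerText", function () { return this.textContent; });
HTMLElement.prototype.__defineSetter__("innerText", function (text) { this.textContent = text; });
document.getElementById("kick").onclick = function () {
  var bug = document.getElementById("bug");
  bug.innerText = kickBug(bug.innerText);
};
</script>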

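<textarea id="bug" cols="80" rows="5"><a onclick="test();" href="javascript:alert('a')" href="javascript:" href="vbscript:alert()">test</a></textarea>
<button id="kick">Catch bug 3</button>
<script>
// Strip href/src attributes whose value starts with javascript: or vbscript:.
function kickBug(str) {
  // Outer pass: the inside of each opening tag, up to but not including ">".
  return str.replace(/<[a-z][^>]+/ig, function ($0) {
    // Inner pass: double-quoted, single-quoted or unquoted script URLs.
    // The value after the scheme may be empty, as in href="javascript:".
    return $0.replace(/\s+(href|src)\s*=\s*("\s*(javascript|vbscript):[^"]*"|'\s*(javascript|vbscript):[^']*'|(javascript|vbscript):[^\s]*)/ig, "");
  });
}
// Shim for older Firefox versions, which had textContent but no innerText.
HTMLElement.prototype.__defineGetter__("innerText", function () { return this.textContent; });
HTMLElement.prototype.__defineSetter__("innerText", function (text) { this.textContent = text; });
document.getElementById("kick").onclick = function () {
  var bug = document.getElementById("bug");
  bug.innerText = kickBug(bug.innerText);
};
</script>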
