$(document).ajaxSend(onSend);
function onSend(e,xhr,o) {
o.data=dataEncode(o.data);
};
function htmlEncode (str){
var s = "";
if (str.length == 0) return "";
//s = str.replace(/ /g, " ");
//s = str.replace(/&/g, "&");
s = str.replace(//g, "%26gt%3B");
s = s.replace(/%3E/g, "%26gt%3B");
s = s.replace(/%3e/g, "%26gt%3B");
//s = s.replace(/\'/g, "'");
//s = s.replace(/\"/g, """);
//s = s.replace(/\n/g, "
");
return s;
};
function htmlEncodeOut (str){
var s = "";
if (str.length == 0) return "";
//s = str.replace(/ /g, " ");
//s = str.replace(/&/g, "&");
s = str.replace(//g, ">");
s = s.replace(/%3E/g, ">");
s = s.replace(/%3e/g, ">");
s = s.replace(/%26lt%3B/g, "<");
s = s.replace(/%26lt%3b/g, "<");
s = s.replace(/%26gt%3B/g, ">");
s = s.replace(/%26gt%3b/g, ">");
//s = s.replace(/\'/g, "'");
//s = s.replace(/\"/g, """);
//s = s.replace(/\n/g, "
");
return s;
};
function dataEncode(data){
var rel=data;
var source="";
if(typeof(rel) == "object"){
source=htmlEncode(JSON.stringify(rel));
source=JSON.parse(source);
rel=source;
}else if(typeof(rel) == "string"){
source=htmlEncode(rel);
rel=source;
}
return rel;
};
function dataEncodeOut(data){
var rel=data;
var source="";
if(typeof(rel) == "object"){
source=htmlEncodeOut(JSON.stringify(rel));
source=JSON.parse(source);
rel=source;
}else if(typeof(rel) == "string"){
source=htmlEncodeOut(rel);
rel=source;
}
return rel;
};
/*
//此处的Ajax请求是一个示例;未使用框架封装的Ajax请求时,这需要在自己的ajax方法的success函数的首行添加-- data=dataEncodeOut(data);
jQuery.ajax({
type:"post",
data:data,
url:"http://dfh.smartcity.com/portal/app/service/App.getStateCatalogues.json",
async:async,
dataType:"json",
success: function aa(data) {
//需要首行添加
data=dataEncodeOut(data);
alert("success已经收到:"+data);
}
});*/
本文题目:Jquery封装Ajax过滤XSS
文章起源:
http://cdweb.net/article/jhspic.html