dasoran/20130222_blog_1.js

Last active May 8, 2022 13:55

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/dasoran/5008534.js"></script>
Save dasoran/5008534 to your computer and use it in GitHub Desktop.

Download ZIP

innerHTML を用いた A タグ生成コード。linkUrl が "><script>....</script> のようになっていた場合、任意の JavaScript の埋め込みが可能になってしまう。

Raw

20130222_blog_1.js

	function buildAtag(target, linkUrl, linkName) {
	target.innerHTML = '<a href="' + linkUrl + '">' +
	linkName +
	'</a>';
	}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment