下面这段代码,不会替换ld<sad中间的<,所以内容仍然是正常的 复制代码 代码如下: <% function nohtml(str) dim re Set re=new RegExp re IgnoreCase =true re Global=True re Pattern="( < [^ <]* >)" str=re replace(str," ") re Pattern="( < [^ <]* >)" str=re replace(str," ") str=replace(str," ","") str=replace(str," ","") nohtml=str set re=nothing end function str="<title>sadjk

下面这段代码,不会替换ld<sad中间的<,所以内容仍然是正常的

复制代码 代码如下:

<%
function nohtml(str)
dim re
Set re=new RegExp
re.IgnoreCase =true
re.Global=True
re.Pattern="(\<.[^\<]*\>)"
str=re.replace(str," ")
re.Pattern="(\<\/[^\<]*\>)"
str=re.replace(str," ")
str=replace(str," ","")
str=replace(str," ","")
nohtml=str
set re=nothing
end function
str="<title>sadjksjdl脚本之家欢迎你sajdljsald<sadsadsad<br>" '这里是测试
response.write nohtml(str)
%>

结果为:
复制代码 代码如下:

sadjksjdl脚本之家欢迎你sajdljsald<sadsadsad

不过下面的代码是不问的,直接看到<就忘后面无限制的匹配
复制代码 代码如下:

<%
Function dropHtml(Byval strHTML)
Dim objRegExp, Match, Matches
Set objRegExp = New Regexp
objRegExp.IgnoreCase = True
objRegExp.Global = True
'取闭合的<>
objRegExp.Pattern = "<.+?>"
'进行匹配
Set Matches = objRegExp.Execute(strHTML)
' 遍历匹配集合,并替换掉匹配的项目
For Each Match in Matches
strHtml=Replace(strHTML,Match.Value,"")
Next
dropHtml=strHTML
Set objRegExp = Nothing
End Function
str="<title>sadjksjdl脚本之家欢迎你sajdljsald<sadsadsad<br>" '这里是测试
response.write dropHtml(str)
%>

结果为:
复制代码 代码如下:

sadjksjdl脚本之家欢迎你sajdljsald

关键字标签:

上一篇:ASP中Server.Execute和Execute实现动态包含(include)脚本的区别
下一篇:ASP上传漏洞之利用CHR(0)绕过扩展名检测脚本