-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.html
392 lines (268 loc) · 25.7 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>个人微博页</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta property="og:type" content="website">
<meta property="og:title" content="个人微博页">
<meta property="og:url" content="http://yoursite.com/index.html">
<meta property="og:site_name" content="个人微博页">
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="个人微博页">
<link rel="alternate" href="/atom.xml" title="个人微博页" type="application/atom+xml">
<link rel="icon" href="/favicon.png">
<link href="//fonts.googleapis.com/css?family=Source+Code+Pro" rel="stylesheet" type="text/css">
<link rel="stylesheet" href="/css/style.css">
</head>
<body>
<div id="container">
<div id="wrap">
<header id="header">
<div id="banner"></div>
<div id="header-outer" class="outer">
<div id="header-title" class="inner">
<h1 id="logo-wrap">
<a href="/" id="logo">个人微博页</a>
</h1>
</div>
<div id="header-inner" class="inner">
<nav id="main-nav">
<a id="main-nav-toggle" class="nav-icon"></a>
<a class="main-nav-link" href="/">Home</a>
<a class="main-nav-link" href="/archives">Archives</a>
</nav>
<nav id="sub-nav">
<a id="nav-rss-link" class="nav-icon" href="/atom.xml" title="RSS Feed"></a>
<a id="nav-search-btn" class="nav-icon" title="Search"></a>
</nav>
<div id="search-form-wrap">
<form action="//google.com/search" method="get" accept-charset="UTF-8" class="search-form"><input type="search" name="q" class="search-form-input" placeholder="Search"><button type="submit" class="search-form-submit"></button><input type="hidden" name="sitesearch" value="http://yoursite.com"></form>
</div>
</div>
</div>
</header>
<div class="outer">
<section id="main">
<article id="post-XSS安全知识" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2018/04/05/XSS安全知识/" class="article-date">
<time datetime="2018-04-05T08:02:34.000Z" itemprop="datePublished">2018-04-05</time>
</a>
</div>
<div class="article-inner">
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2018/04/05/XSS安全知识/">XSS安全知识</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<h2 id="XSS攻击方式:反射性-存储型"><a href="#XSS攻击方式:反射性-存储型" class="headerlink" title="XSS攻击方式:反射性 存储型"></a>XSS攻击方式:反射性 存储型</h2><h3 id="反射型"><a href="#反射型" class="headerlink" title="反射型"></a>反射型</h3><p>发出请求后,xss代码出现在URL中,作为输入提交到服务器端,服务器端解析后响应,xss代码随着响应内容一起传回浏览器,最后浏览器解析执行XSS代码。这个过程像一次反射,叫反射性xss.</p>
<h3 id="存储型"><a href="#存储型" class="headerlink" title="存储型"></a>存储型</h3><p>存储型XSS和反射型xss的差别仅在于,提交的代码会存储到服务器端(数据库,内存,文件系统等),下次请求目标页面时不用再提交代码。</p>
<h2 id="XSS防御措施:编码,过滤,校正"><a href="#XSS防御措施:编码,过滤,校正" class="headerlink" title="XSS防御措施:编码,过滤,校正"></a>XSS防御措施:编码,过滤,校正</h2><h3 id="编码:对用户输入的数据进行HTML-Entity编码"><a href="#编码:对用户输入的数据进行HTML-Entity编码" class="headerlink" title="编码:对用户输入的数据进行HTML Entity编码"></a>编码:对用户输入的数据进行HTML Entity编码</h3><table>
<thead>
<tr>
<th style="text-align:center">字符</th>
<th style="text-align:center">十进制</th>
<th style="text-align:center">转义字符</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:center">“</td>
<td style="text-align:center">$#34;</td>
<td style="text-align:center">$quot;</td>
</tr>
<tr>
<td style="text-align:center">&</td>
<td style="text-align:center">$#38;</td>
<td style="text-align:center">&amp</td>
</tr>
<tr>
<td style="text-align:center"><</td>
<td style="text-align:center">$#60;</td>
<td style="text-align:center">&lt</td>
</tr>
<tr>
<td style="text-align:center">></td>
<td style="text-align:center">$#62;</td>
<td style="text-align:center">&gt</td>
</tr>
<tr>
<td style="text-align:center">&</td>
<td style="text-align:center">$#160;</td>
<td style="text-align:center">&nbsp</td>
</tr>
</tbody>
</table>
<h3 id="过滤"><a href="#过滤" class="headerlink" title="过滤"></a>过滤</h3><p>移除用户上传的DOM属性,如onerror等<br>移除用户上传的style节点、script节点、iframe节点等 </p>
<h2 id="校正"><a href="#校正" class="headerlink" title="校正"></a>校正</h2><p>避免直接对HTML entity解码<br>使用dom parse转码,校正不配对的dom标签</p>
<h2 id="实战:评论功能中实现xss攻击,防御"><a href="#实战:评论功能中实现xss攻击,防御" class="headerlink" title="实战:评论功能中实现xss攻击,防御"></a>实战:评论功能中实现xss攻击,防御</h2>
</div>
<footer class="article-footer">
<a data-url="http://yoursite.com/2018/04/05/XSS安全知识/" data-id="cjfmamzk500004ow5ivt1qbl2" class="article-share-link">Share</a>
<ul class="article-tag-list"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/XSS安全/">XSS安全</a></li></ul>
</footer>
</div>
</article>
<article id="post-ie兼容性问题" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2018/03/29/ie兼容性问题/" class="article-date">
<time datetime="2018-03-29T03:33:19.000Z" itemprop="datePublished">2018-03-29</time>
</a>
</div>
<div class="article-inner">
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2018/03/29/ie兼容性问题/">ie兼容性问题</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<h2 id="1-currentStyle-和-getComputedStyle-兼容性问题"><a href="#1-currentStyle-和-getComputedStyle-兼容性问题" class="headerlink" title="1.currentStyle 和 getComputedStyle 兼容性问题"></a>1.currentStyle 和 getComputedStyle 兼容性问题</h2><p>js中是不可以通过style来获取行外样式的</p>
<h3 id="获取行外样式的兼容性写法"><a href="#获取行外样式的兼容性写法" class="headerlink" title="获取行外样式的兼容性写法:"></a>获取行外样式的兼容性写法:</h3><figure class="highlight javascript"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">function</span> <span class="title">getStyle</span>(<span class="params">obj, name</span>) </span>{</span><br><span class="line"> <span class="keyword">if</span>(obj.currentStyle) {</span><br><span class="line"> <span class="comment">// ie低版本</span></span><br><span class="line"> <span class="keyword">return</span> obj.currentStyle[name]</span><br><span class="line"> }<span class="keyword">else</span>{</span><br><span class="line"> <span class="comment">// ff </span></span><br><span class="line"> <span class="keyword">return</span> getComputedStyle(obj, <span class="literal">false</span>)[name]</span><br><span class="line"> }</span><br><span class="line">}</span><br></pre></td></tr></table></figure>
<h2 id="2-字符串索引兼容性问题"><a href="#2-字符串索引兼容性问题" class="headerlink" title="2.字符串索引兼容性问题"></a>2.字符串索引兼容性问题</h2><p>字符串可以通过数组索引的方式获取,但是ie6,7不支持<br><figure class="highlight javascript"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">var</span> str = <span class="string">"abcddfe"</span></span><br><span class="line">alert(str[<span class="number">1</span>])</span><br></pre></td></tr></table></figure></p>
<p>但是str.charAt(i) 方法所有浏览器都支持<br><figure class="highlight javascript"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">var</span> str=<span class="string">"abcde"</span>;</span><br><span class="line"><span class="keyword">for</span>(<span class="keyword">var</span> i=<span class="number">0</span>;i<str.length;i++){</span><br><span class="line"> alert(str.charAt(i)); <span class="comment">//放回字符串中的每一项</span></span><br><span class="line">}</span><br></pre></td></tr></table></figure></p>
<h2 id="3-childNodes的兼容性问题"><a href="#3-childNodes的兼容性问题" class="headerlink" title="3.childNodes的兼容性问题"></a>3.childNodes的兼容性问题</h2><p>childNodes在ie6-8中获取一个子节点<br> 高版本浏览器中会按nodeType划分出子节点<br> nodeType=3 –> 文本节点<br> nodeTyPE=1 –> 元素节点<br><figure class="highlight javascript"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">var</span> oUl = <span class="built_in">document</span>.getElementById(<span class="string">'ul'</span>)</span><br><span class="line"><span class="keyword">for</span>(<span class="keyword">var</span> i=<span class="number">0</span>;i<oUl.childNodes.length;i++) {</span><br><span class="line"> <span class="keyword">if</span>(oUl.childNode[i].nodeType == <span class="number">1</span>) {</span><br><span class="line"> oUl.childNode[i].style.background = <span class="string">'red'</span></span><br><span class="line"> }</span><br><span class="line">}</span><br></pre></td></tr></table></figure></p>
<p>解决方法:children子节点只会获取元素节点,不会获取文本节点<br><figure class="highlight javascript"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">var</span> oUl = <span class="built_in">document</span>.getElementById(<span class="string">'oUl'</span>)</span><br><span class="line"><span class="keyword">for</span>(<span class="keyword">var</span> i=<span class="number">0</span>;i<oUl.children.length;i++){</span><br><span class="line"> oUl.children[i].style.background = <span class="string">'red'</span></span><br><span class="line">}</span><br></pre></td></tr></table></figure></p>
<h2 id="4-首尾,前后DOM节点兼容性问题"><a href="#4-首尾,前后DOM节点兼容性问题" class="headerlink" title="4.首尾,前后DOM节点兼容性问题"></a>4.首尾,前后DOM节点兼容性问题</h2><ul>
<li>ie6-8下:<br><strong>firstChild,lastChild,nextSibling,previousSibling</strong>, 获取第一个元素节点 (高版本浏览器IE9+,FF,Chrome不兼容,其获取的空白文本节点)</li>
<li>高版本浏览器下:<br><strong>firstElementChild,lastElementChild,nextElementSibling,previousElementSibling</strong> (低版本浏览器IE6-8不兼容)</li>
</ul>
<h3 id="代码示例:获取第一个元素节点,并且变红"><a href="#代码示例:获取第一个元素节点,并且变红" class="headerlink" title="代码示例:获取第一个元素节点,并且变红"></a>代码示例:获取第一个元素节点,并且变红</h3><figure class="highlight javascript"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">var</span> oUl = <span class="built_in">document</span>.getElementById(<span class="string">'oUl'</span>)</span><br><span class="line"><span class="keyword">if</span>(oUl.firstElementChild) {</span><br><span class="line"> <span class="comment">// 高版本浏览器</span></span><br><span class="line"> oUl.firstElementChild.style.background = <span class="string">'red'</span></span><br><span class="line">}<span class="keyword">else</span>{</span><br><span class="line"> <span class="comment">// ie 6-8</span></span><br><span class="line"> oUl.firstChild.style.background = <span class="string">'red'</span></span><br><span class="line">}</span><br></pre></td></tr></table></figure>
<h2 id="5-event对象的兼容性问题"><a href="#5-event对象的兼容性问题" class="headerlink" title="5.event对象的兼容性问题"></a>5.event对象的兼容性问题</h2><ul>
<li>如:获取鼠标位置<br>IE/Chorom: event.clientX<br>FF/IE9以上/chorom: ev.clientX<figure class="highlight javascript"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line"><span class="built_in">document</span>.onclick = <span class="function"><span class="keyword">function</span> (<span class="params">ev</span>) </span>{</span><br><span class="line"> <span class="keyword">var</span> oEvent == ev || event;</span><br><span class="line"> <span class="keyword">if</span>(oEvent) {</span><br><span class="line"> alert(oEvent.clentX)</span><br><span class="line"> }</span><br><span class="line">}</span><br></pre></td></tr></table></figure>
</li>
</ul>
<h2 id="6-元素绑定问题:attachEvent-attachEventLister"><a href="#6-元素绑定问题:attachEvent-attachEventLister" class="headerlink" title="6.元素绑定问题:attachEvent/attachEventLister"></a>6.元素绑定问题:attachEvent/attachEventLister</h2><ul>
<li>IE8以下用: <strong>attachEvent(‘事件名’,fn);</strong></li>
<li>FF,Chrome,IE9-10用: <strong>attachEventLister(‘事件名’,fn,false);</strong><figure class="highlight javascript"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">function</span> <span class="title">myAddEvent</span>(<span class="params">obj,ev,fn</span>)</span>{</span><br><span class="line"> <span class="keyword">if</span>(obj.attachEvent){</span><br><span class="line"> <span class="comment">//IE8以下</span></span><br><span class="line"> obj.attachEvent(<span class="string">'on'</span>+ev,fn);</span><br><span class="line"> }<span class="keyword">else</span>{</span><br><span class="line"> <span class="comment">//FF,Chrome,IE9-10</span></span><br><span class="line"> obj.attachEventLister(ev,fn,<span class="literal">false</span>);</span><br><span class="line"> }</span><br><span class="line">}</span><br><span class="line">myAddEvent(oBtn,<span class="string">'click'</span>,<span class="function"><span class="keyword">function</span>(<span class="params"></span>)</span>{</span><br><span class="line"> alert(a);</span><br><span class="line">});</span><br><span class="line">myAddEvent(oBtn,<span class="string">'click'</span>,<span class="function"><span class="keyword">function</span>(<span class="params"></span>)</span>{</span><br><span class="line"> alert(b);</span><br><span class="line">});</span><br></pre></td></tr></table></figure>
</li>
</ul>
<h2 id="7-滚动条距离兼容问题"><a href="#7-滚动条距离兼容问题" class="headerlink" title="7.滚动条距离兼容问题"></a>7.滚动条距离兼容问题</h2><p><strong>IE,Chrome: document.body.scrollTop</strong><br><strong>FF: document.documentElement.scrollTop</strong><br><figure class="highlight javascript"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">var</span> scrollTop=<span class="built_in">document</span>.documentElement.scrollTop||<span class="built_in">document</span>.body.scrollTop</span><br></pre></td></tr></table></figure></p>
</div>
<footer class="article-footer">
<a data-url="http://yoursite.com/2018/03/29/ie兼容性问题/" data-id="cjfmamzkl00014ow5zj6xbq6l" class="article-share-link">Share</a>
<ul class="article-tag-list"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/ie兼容性问题/">ie兼容性问题</a></li></ul>
</footer>
</div>
</article>
<article id="post-markdown基础语法" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2018/03/28/markdown基础语法/" class="article-date">
<time datetime="2018-03-28T13:27:23.000Z" itemprop="datePublished">2018-03-28</time>
</a>
</div>
<div class="article-inner">
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2018/03/28/markdown基础语法/">markdown</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<h3 id="markdown测试嵌套"><a href="#markdown测试嵌套" class="headerlink" title="markdown测试嵌套"></a>markdown测试嵌套</h3><blockquote>
<p>首层嵌套</p>
<blockquote>
<p>第二层的嵌套</p>
<blockquote>
<p>我是文章中的内容</p>
</blockquote>
</blockquote>
</blockquote>
<p>代码写入与高亮:<br><figure class="highlight javascript"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">let</span> num = <span class="number">0</span>;</span><br><span class="line"><span class="keyword">for</span> (<span class="keyword">var</span> i = <span class="number">0</span>; i<<span class="number">5</span>; i++) {</span><br><span class="line"> num+=i;</span><br><span class="line">}</span><br><span class="line"><span class="built_in">console</span>.log(num)</span><br></pre></td></tr></table></figure></p>
<p>图片资源:<br><img src="./img/01.png" alt="" title="描述"></p>
</div>
<footer class="article-footer">
<a data-url="http://yoursite.com/2018/03/28/markdown基础语法/" data-id="cjfmamzle00044ow5fevy0krx" class="article-share-link">Share</a>
<ul class="article-tag-list"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/markdown研究课题/">markdown研究课题</a></li></ul>
</footer>
</div>
</article>
<article id="post-hello-world" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2018/03/28/hello-world/" class="article-date">
<time datetime="2018-03-28T12:26:11.371Z" itemprop="datePublished">2018-03-28</time>
</a>
</div>
<div class="article-inner">
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2018/03/28/hello-world/">Hello World</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<p>Welcome to <a href="https://hexo.io/" target="_blank" rel="noopener">Hexo</a>! This is your very first post. Check <a href="https://hexo.io/docs/" target="_blank" rel="noopener">documentation</a> for more info. If you get any problems when using Hexo, you can find the answer in <a href="https://hexo.io/docs/troubleshooting.html" target="_blank" rel="noopener">troubleshooting</a> or you can ask me on <a href="https://github.com/hexojs/hexo/issues" target="_blank" rel="noopener">GitHub</a>.</p>
<h2 id="Quick-Start"><a href="#Quick-Start" class="headerlink" title="Quick Start"></a>Quick Start</h2><h3 id="Create-a-new-post"><a href="#Create-a-new-post" class="headerlink" title="Create a new post"></a>Create a new post</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ hexo new <span class="string">"My New Post"</span></span><br></pre></td></tr></table></figure>
<p>More info: <a href="https://hexo.io/docs/writing.html" target="_blank" rel="noopener">Writing</a></p>
<h3 id="Run-server"><a href="#Run-server" class="headerlink" title="Run server"></a>Run server</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ hexo server</span><br></pre></td></tr></table></figure>
<p>More info: <a href="https://hexo.io/docs/server.html" target="_blank" rel="noopener">Server</a></p>
<h3 id="Generate-static-files"><a href="#Generate-static-files" class="headerlink" title="Generate static files"></a>Generate static files</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ hexo generate</span><br></pre></td></tr></table></figure>
<p>More info: <a href="https://hexo.io/docs/generating.html" target="_blank" rel="noopener">Generating</a></p>
<h3 id="Deploy-to-remote-sites"><a href="#Deploy-to-remote-sites" class="headerlink" title="Deploy to remote sites"></a>Deploy to remote sites</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ hexo deploy</span><br></pre></td></tr></table></figure>
<p>More info: <a href="https://hexo.io/docs/deployment.html" target="_blank" rel="noopener">Deployment</a></p>
</div>
<footer class="article-footer">
<a data-url="http://yoursite.com/2018/03/28/hello-world/" data-id="cjfmamzl700034ow51g3br9ck" class="article-share-link">Share</a>
</footer>
</div>
</article>
</section>
<aside id="sidebar">
<div class="widget-wrap">
<h3 class="widget-title">Tags</h3>
<div class="widget">
<ul class="tag-list"><li class="tag-list-item"><a class="tag-list-link" href="/tags/XSS安全/">XSS安全</a></li><li class="tag-list-item"><a class="tag-list-link" href="/tags/ie兼容性问题/">ie兼容性问题</a></li><li class="tag-list-item"><a class="tag-list-link" href="/tags/markdown研究课题/">markdown研究课题</a></li></ul>
</div>
</div>
<div class="widget-wrap">
<h3 class="widget-title">Tag Cloud</h3>
<div class="widget tagcloud">
<a href="/tags/XSS安全/" style="font-size: 10px;">XSS安全</a> <a href="/tags/ie兼容性问题/" style="font-size: 10px;">ie兼容性问题</a> <a href="/tags/markdown研究课题/" style="font-size: 10px;">markdown研究课题</a>
</div>
</div>
<div class="widget-wrap">
<h3 class="widget-title">Archives</h3>
<div class="widget">
<ul class="archive-list"><li class="archive-list-item"><a class="archive-list-link" href="/archives/2018/04/">April 2018</a></li><li class="archive-list-item"><a class="archive-list-link" href="/archives/2018/03/">March 2018</a></li></ul>
</div>
</div>
<div class="widget-wrap">
<h3 class="widget-title">Recent Posts</h3>
<div class="widget">
<ul>
<li>
<a href="/2018/04/05/XSS安全知识/">XSS安全知识</a>
</li>
<li>
<a href="/2018/03/29/ie兼容性问题/">ie兼容性问题</a>
</li>
<li>
<a href="/2018/03/28/markdown基础语法/">markdown</a>
</li>
<li>
<a href="/2018/03/28/hello-world/">Hello World</a>
</li>
</ul>
</div>
</div>
</aside>
</div>
<footer id="footer">
<div class="outer">
<div id="footer-info" class="inner">
© 2018 sunchzh<br>
Powered by <a href="http://hexo.io/" target="_blank">Hexo</a>
</div>
</div>
</footer>
</div>
<nav id="mobile-nav">
<a href="/" class="mobile-nav-link">Home</a>
<a href="/archives" class="mobile-nav-link">Archives</a>
</nav>
<script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js"></script>
<link rel="stylesheet" href="/fancybox/jquery.fancybox.css">
<script src="/fancybox/jquery.fancybox.pack.js"></script>
<script src="/js/script.js"></script>
</div>
</body>
</html>