带参数执行js

检索关键字：注入js,传入参数执行js,带参数注入js,javascript

带参数执行js示例，UB源代码如下：

Dim sRet = ""
Dim iRet = ""
Dim hWeb = ""

Dim userName,pwd
userName = "admin"
pwd = '1234'

Dim jsCode = ''
jsCode = 'function (){function fun(userName,pwd){ document.querySelector("#normal_form_userName").value=userName;document.querySelector("#normal_form_password").value=pwd;} fun("'&userName&'","'&pwd&'")  ;return true;}'

hWeb = WebBrowser.Create("chrome","about:blank",10000,{"bContinueOnError":False,"iDelayAfter":300,"iDelayBefore":200,"sBrowserPath":"","sStartArgs":""})
iRet = WebBrowser.GoURL(hWeb,"https://d-commander.uibot.com.cn/",True,"",30000,{"bContinueOnError":False,"iDelayAfter":300,"iDelayBefore":200})
sRet = WebBrowser.RunJS(hWeb,jsCode,True,{"bContinueOnError":False,"iDelayAfter":300,"iDelayBefore":200})
TracePrint(sRet)

以上代码在Commander演示版地址中，通过“执行JS”命令，实现填写用户名和密码，并且是以传入参数的形式，一种内嵌带参数函数的方式来实现的。

当双击“执行JS”命令时，可看到如下结构的UB源代码：

sRet = WebBrowser.RunJS(hWeb,'''
function(){
return 123
}''',True,{"bContinueOnError":False,"iDelayAfter":300,"iDelayBefore":200})

需要遵守保持最外层的function结构不变的规则。