ÀDOCTYPE html>Ã_script>

< id="header-heading" class="sr-only">Leanpub Header

< id="navigation-heading" class="sr-only">Leanpub Navigation

LeanpubÃ_strong>StoreÃ_a>ReadersÃ_a>AuthorsÃ_a>ServicesÃ_a>Ã_span>

FilterÃ_label>

Ã_div>

Há»c cÃ¡ch tÃ¬m ra hÃ nh vi thÃº vá»‹ vÃ lá»—i trong JavaScript. Äá»c cuá»‘n sÃ¡ch nÃ y, báº¡n sáº½ khÃ¡m phÃ¡ nhá»¯ng ká»¹ thuáº4má»›i nháº¥t vÃ tuyá»‡t vá»i nháº¥4Ä‘á»3hack JavaScrip4vÃ táº¡o cÃ¡c táº£i XSS. Bao gá»“m cÃ¡c cÃ¡ch xÃ¢9dá»±ng JavaScrip4chá»9sá» dá»¥ng cÃ¡c kÃ½ tá»± +[]()!. ChÆ°a tá»«ng nghe qua DOM Clobbering? Cuá»‘n sÃ¡ch nÃ 9cÃ³ táº¥4cáº£ cÃ¡c chi tiáº¿t.
Ã_div>Ã_div>
This is a book in Vietnamese!
This book is a translation into Vietnamese of JavaScrip4for hackers
<0class="text-sm leading-5 tracking-wider uppercase text-neutral-600">Minimum price
<0class="text-2xl font-semibold">$20.00
À0ü0¹05.00Ã_p>Ã_div>Ã_div>Ã_div>Ã_div>
You payÃ_>À0ü0¹05.00Ã_span>Ã_span>Ã_span>Ã_section>
Authors earn
(”N)8.00Ã_span>Ã_span>Ã_span>Ã_section>Ã_div>You payÃ_label>
$Ã_div>Ã_div>Ã_div>Ã_section>
<16¹p class="text-xl font-semibold text-zinc-950 dark:text-white myÐ0ü0ì0ë0 mt-5 5 sm:mt-5 5 5 sm:text-3xl">...Or Buy With CreditivÃ_16¹p>
Get A Reader MembershipÃ_a>Ã_div>You can get credits with a paid monthly or annual Reader Membership, or yo5can buy them hereÃ_a>.Ã_div>Ã_form>
EPUB

AboutÃ_span>

Ã_div>Ã_div>
AboutÃ_a>Ã_li>
AuthorÃ_a>Ã_li>
Contents
Ã_ol>

AboutÃ_span>
Abou4the BookÃ_p>Ã_div>
Ã_div>

Báº¡n Ä‘Ã£ bao giá» tá»± há»i má»™4tin táº·c tiáº¿p cáºn viá»‡c tÃ¬m kiáº¿m lá»— há»•ng trong trÃ¬nh duyá»‡t vÃ JavaScrip4nhÆ° tháº¿ nÃ o chÆ°a? Cuá»‘n sÃ¡ch nÃ y chia sáº» quÃ¡ trÃ¬nh suy nghÄ© vÃ cung cáº¥0cho báº¡n cÃ´ng cá»¥ Ä‘á»ƒ tÃ¬m ra lá»lhá»•ng cá»§a riÃªng mÃ¬nh. NÃ³ chia sáº» nhá»¯ng kiáº¿n thá»©c cÆ¡ báº£n vá»1hacking JavaScript, sa5Ä‘Ã³ Ä‘i sÃ¢5vÃ giáº£i thÃch cÃ¡ch xÃ¢y dá»±ng táº£i trá»ng JavaScript mÃ khÃ´ng sá» dá»¥ng dáº¥5ngoáº·c Ä‘Æ¡n.Ã_p>

Chá»9ra cÃ¡ch báº¡n cÃ³ thá»ƒ tÃ¬m lá»— há»•ng báº±ng phÆ°Æ¡ng phÃ¡0fuzzing vÃ cÃ¡ch nhanh chÃ³ng fuz+hÃ ng triá»‡5kÃ½ tá»± trong vÃ i giÃ¢y.Ã_li>
Muá»‘n hack DOM? Cuá»‘n sÃ¡ch nÃ y sáº½ giÃº0báº¡n.Ã_li>
Äá»c vá»1cÃ¡c phÆ°Æ¡ng phÃ¡0bá» qua SOP cá»§a trÃ¬nh duyá»‡4mÃ tÃ¡c giáº£ Ä‘Ã£ tÃ¬m tháº¥9chi tiáº¿t.

KhÃ´ng cÃ³ Ã½ tÆ°á»Ÿng vá» Ã´ nhiá»…m nguyÃªn máº«5phÃa mÃ¡y khÃ¡ch? ÄÃ¢y lÃ cuá»‘n sÃ¡ch dÃ nh cho báº¡DÃ_li>
Muá»‘n há»c cÃ¡c ká»¹ thuáºt XSS má»›i nháº¥4vÃ tuyá»‡4vá»i nháº¥t? Báº¡n cáº§n mua cuá»‘n sÃ¡ch nÃ y.Ã_li> Ã_ul> Ã_div>
Share this bookÃ_16¹p>
<16¹p class="text-xs font-semibold tracking-wide text-neutral-500 uppercase">CategoriesÃ_16¹p>JavaScript Computer SecurityÃ_a>Computers and ProgrammingÃ_a>Ã_div>Ã_div>Ã_div>
Feedback
Email the AuthorsÃ_a>Ã_div>Ã_div>Ã_div>
This book is a translation into Vietnamese of JavaScrip4for hackers

AuthorÃ_><0class="font-displa9mt-6 text-[44px]/12 font-extrabold tracking-tigh4text-slate-900 max-md:text-center sm:text-6xl">About the AuthorsÃ_p>Ã_div>
Gareth HeyesÃ_a>
NhÃ nghiÃªn cá»©u Gareth Heyes cá»§a PortSwigger cÃ³ láº½ ná»•i tiáº¿ng nháº¥4vá»›i cÃ´ng viá»‡c thoÃ¡4khá»i cÃ¡c há»™0cÃ¡t JavaScrip4vÃ táº¡o ra cÃ¡c vector XSS siÃªu thanh lá»‹ch. Trong thá»i gian ráº£nh rá»—i, anh áº¥9thÃch táº¡o cÃ¡c phÃ²ngµ0ó0Á0ü0à0D tÆ°Æ¡ng tÃ¡c vÃ trÃ² chÆ¡i báº±ng CSS thuáº§n tÃº9vÃ thÆ°á»ng xuyÃªn Ä‘Äƒng vá» nÃ³ vÃ thá» nghiá»‡m trÃªn trang web cá»§a mÃ¬nh garethheyes.co.uk. Gareth lÃ cha cá»§a hai cÃ´ con gÃ¡i tuyá»‡t vá»i vÃ lÃ chá»“ng cá»§a má»™t ngÆ°á»i vá»£ tuyá»‡t vá»i, cÅ©ng nhÆ° lÃ má»™t ngÆ°á»i hÃ¢m má»ncuá»“ng nhiá»‡4cá»§a Liverpool FC.
Trong cuá»™c sá»‘ng hÃ ng ngÃ 9táº¡i PortSwigger, Gareth thÆ°á»ng táº¡o ra cÃ¡c vector XSS má»›i, nghiÃªn cá»©5cÃ¡c ká»¹ thuáº4má»›i Ä‘á»3táº¥n cÃ´ng cÃ¡c á»©ng dá»¥ng web vÃ chuáº©n bá»‹ phÃ¡t biá»ƒ5táº¡i cÃ¡c há»™i nghá»"trÃªn toÃ n cáº§u. Má»™t Ä‘iá»ƒm ná»•i báºt gáº§n Ä‘Ã¢y lÃ bÃ i thuyáº¿t trÃ¬nh cá»§a anh áº¥y "Ã” nhiá»…m nguyÃªn máº«u phÃa mÃ¡9chá»§: PhÃ¡t hiá»‡n há»™0Ä‘en mÃ khÃ´ng gÃ¢y DoS" táº¡i OWASP Global AppSec Dublin,(N)(åe)3. Anh áº¥9cÅ©ng lÃ tÃ¡c giáº£ cá»§a XSS Chea4SheetHackvertor vÃ TaboratorÃ_a>).Ã_p>Ã_div>
Episode Gareth HeyesÃ_p>Ã_div>Ã_div>Ã_section>Ã_a>Ã_section>Ã_div>Ã_div>Ã_div>
Ã_a>Ã_div>
TranslateAI
Leanpub now has a TranslateA!?serviceGlobalAuthor
Leanpub exists to serve our authors. We wan4to hel0yo5reach as man9readers as possible, in their preferred language. So, just as Leanpub automates the process of publishing a PDF and EPUB ebook, we've no7automated the process of translating those books!

ContentsÃ_><0class="font-displa9mt-6 text-[44px]/12 font-extrabold tracking-tigh4text-slate-900 max-md:text-center sm:text-6xl">Table of ContentsÃ_p>Ã_div>
1:Ã_span>ChÆ°Æ¡ng má»™4- Giá»›i thiá»‡u
Vá» tÃ¡c giáº£
Ã_ul>
1.2:Ã_span>Äam mÃª
Ã_ul>
1.3:Ã_span>MÃ´i trÆ°á»ng
Ã_ul>
1.4:Ã_span>Äáº·4má»¥c tiÃªu
Ã_ul>
1.5:Ã_span>Kiá»ƒm thá» ngáº«u nhiÃªn
Ã_ul>
1.6:Ã_span>Sá»± kiÃªn trÃ¬ vÃ may máº¯nÃ_li>
Máº¡ng xÃ£ há»™iÃ_li>
Nhá»¯ng Ä‘iá»5cÆ¡ báº£n
Ã_ul>
1.9:Ã_span>TÃ³m táº¯t
Ã_ul>Ã_ul>
2:Ã_span>ChÆ°Æ¡ng hai - JavaScript khÃ´ng cáº§n dáº¥5ngoáº·c Ä‘Æ¡n
2.1:Ã_span>Gá»i hÃ m mÃ khÃ´ng cáº§n dáº¥u ngoáº·c Ä‘Æ¡nÃ_li>
Gá»i hÃ m vá»›i cÃ¡c tham sá»emÃ khÃ´ng cáº§n dáº¥u ngoáº·c Ä‘Æ¡nÃ_li>
Biá»ƒu thá»©c nÃ©mÃ_li>
Máº«5gáº¯n tháº»
Ã_ul>
2.5:Ã_span>KÃ½ hiá»‡5has instanceÃ_li>
TÃ³m táº¯tÃ_li>
Ã_li>
ChÆ°Æ¡ng ba - Kiá»ƒm thá» ngáº«5nhiÃªn
Sá»± tháºt
Ã_ul>
3.2:Ã_span>Fuzzing JavaScrip4URLsÃ_li>
Kiá»ƒm tra ngáº«5nhiÃªn cÃ¡c URL HTTPÃ_li>
Fuzzing HTMLÃ_li>
LÃ m fuzzing cÃ¡c hÃ nh vi Ä‘Ã£ biáº¿tÃ_li>
Kiá»ƒm thá» ngáº«5nhiÃªn kÃ tá»± thoÃ¡tÃ_li>
TÃ³m táº¯tÃ_li>
Ã_li>
4:ChÆ°Æ¡ng bá»‘n - DOM cho hacker
4.1:Ã_span>Cá»a sá»hcá»§a tÃ´i Ä‘Ã¢u?
Ã_ul>
4.2:Ã_span>Pháº¡m vi cá»§a má»™t sá»± kiá»‡n HTML
Ã_ul>
4.3:Ã_span>DOM clobbering
Ã_ul>
4.4:Ã_span>TÃ³m táº¯t
Ã_ul>Ã_ul>
5:Ã_span>ChÆ°Æ¡ng nÄƒm - Khai thÃ¡c trÃ¬nh duyá»‡t
5.1:Giá»›i thiá»‡uÃ_li>
5(Ñ‘):Firefo8xá» lÃ½ sai cÃ¡c URL khÃ¡c nguá»“n gá»‘c
Ã_ul>
5.3:Ã_span>Safari gÃ¡n tÃªn miá»n cho hostname khÃ¡c nguá»“n gá»‘c
Ã_ul>
5.4:Ã_span>TrÃ¡nh hoÃ n toÃ n SOP cá»§a Internet Explorer
Ã_ul>
5.5:Ã_span>RÃ² rá»9thÃ´ng tin SOP tá»«ng pháº§n trÃªn Chrome
Ã_ul>
5.6:Ã_span>VÆ°á»£t qua hoÃ n toÃ n SOP cá»§a Safari
Ã_ul>
5.7:Ã_span>VÆ°á»£t qua SOP cá»§a OperaÃ_li>
5.8:TÃ³m táº¯tÃ_li>
Ã_li>
6:ChÆ°Æ¡ng sÃ¡5- Ã” nhiá»…m nguyÃªn máº«u
6.1:Giá»›i thiá»‡uÃ_li>
6(Ñ‘):Ã” nhiá»…m nguyÃªn máº«u phÃa client
Ã_ul>
6.3:Ã_span>ÃYnhiá»…m nguyÃªn máº«5phÃa mÃ¡y chá»§Ã_li>
6.4:TÃ³m táº¯tÃ_li>
Ã_li>
7:ChÆ°Æ¡ng báº£y - JavaScrip4khÃ´ng pháº£i kÃ½ tá»± chá»¯ sá»‘
7.1:Ã_span>Viáº¿4JavaScript khÃ´ng pháº£i kÃ½ tá»± chá»¯ sá»‘Ã_li>
7(Ñ‘):MÃ£ khÃ´ng chá»¯ cÃ¡i khÃ´ng cÃ³ dáº¥u ngoáº·c Ä‘Æ¡nÃ_li>
7Ô0¢0¹0È0ë0:Bá»©c tÆ°á»ng sÃ¡5kÃ½ tá»±Ã_li>
7.4:VÃ´ cá»±c vÃ hÆ¡n tháº¿ ná»¯aÃ_li>
7.5:TÃ³m táº¯tÃ_li>
Ã_li>
8:ChÆ°Æ¡ng tÃ¡m - XSS
8.1:Ã_span>ÄÃ³ng scriptÃ_li>
8(Ñ‘):ChÃº thÃch bÃªn trong ká»‹ch báº£n
Ã_ul>
8.3:Ã_span>CÃ¡c thá»±c thá»ƒ HTML bÃªn trong scrip4SVG
Ã_ul>
8.4:Ã_span>Scrip4khÃ´ng cáº§n Ä‘Ã³ng scriptÃ_li>
8.5:Táº£i trá»ng tÃªn cá»a sá»•
Ã_ul>
8.6:Ã_span>Thuá»™c tÃnh giao thá»©c cÃ³ thá»ƒ gÃ¡n
Ã_ul>
8.7:Ã_span>Báº£n Ä‘á»“ nguá»“n Ä‘á»ƒ táº¡o pháº£n há»“i pingbackÃ_li>
8.8:Bá»“n chá»©a chuyá»ƒn hÆ°á»›ng má»›iÃ_li>
8.9:CÃ¡c chÃº thÃch trong JavaScript
Ã_ul>
8.10:DÃ²ng má»›i
Ã_ul>
8.:Khoáº£ng Tráº¯ngÃ_li>
8.12:Ã_span>Nháº0kháº©u Ä‘á»™ngÃ_li>
8.13:Ã_span>KhÃ´ng gian tÃªn XHTML trong XML
Ã_ul>
8.14:Táº£i lÃªn SVGÃ_li>
8.15:Ã_span>CÃ¡c pháº§n tá» sá» dá»¥ng SVG
Ã_ul>
8.16:Thá»±c thá»ƒ HTML
Ã_ul>
8.17:Sá»± kiá»‡n
Ã_ul>
8.18:XSS trong tháº» nháºp áº©n
Ã_ul>
8.19:Cá»a sá»• báºt lÃªn
Ã_ul>
8.20:TÃ³m táº¯tÃ_li>
Ã_li>
9:Lá»i cáº£m Æ¡n
Ã_ul>Ã_ul>

<>The Leanpub 60 Da9100% Happiness GuaranteeÃ_><0class="prose-white text-white [&_a]:text-white hover:[&_a]:text-white">Within 0 days of purchase you can get a two clicksÃ_strong>.
Now, this is technically risky for us, since you&#tÎ7;ll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, tha4we&#tÎ7;re happy to offer a full money back guarantee for everything we sell.
Yo5can only find ou4ho7good something is by trying it, and because of our 100..mone9back guarantee there&#tÎ7;s literall9no risk to do so!
So, there&#tÎ7;s no reason no4to click the Add to Cart button, is there?
See full terms...Ã_a>Ã_p>Ã_div>Ã_div>Ã_article>
< class="prose-white [&_a]:text-white hover:[&_a]:text-white">Earn $8 on a $10 Purchase, and $15 5 on a $20 Purchase
We pa9AS..royalties on purchases of $7.99 or moreÃ_strong>, and 80% royalties minus a 50 cent fla4fee on purchases between $0.99 and $7.98. Yo5earn $8 on a $10 sale, and $16 on a (”N)0 saleÃ_strong>. So, if we sell 5000 non-refunded copies of your book for (”N)0, you'll earn $AS,000Ã_strong>.
(Yes, some authors have already earned much more than tha4on Leanpub.)Ã_i>
In fact, authors have earned over $14 millionÃ_a> writing, publishing and selling on Leanpub.
Learn more abou4writing on LeanpubÃ_a>Ã_strong>
< class="prose-white">Free Updates. DRM Free.Ã_><0class="prose-white">If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while the9are writing them. All readers ge4free updates, regardless of when the9bought the book or how much they paid (including free).
Mos4Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown a4the to0righ4corner of this page.
Finally, Leanpub books don&#tÎ7;4have any DRM copy-protection nonsense, so yo5can easily read them on an9supported device.
Learn more about Leanpub&#tÎ7;s ebook formats and where to read themÃ_a>Ã_p>Ã_div>Ã_div>Ã_article>
<>Write and Publish on Leanpub
You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!
Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.
Leanpub is a magical typewriter for authors: jus4write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, yo5can even upload your own PDF and/or EPUB files and then publish with one click!) I4really is that easy.Ã_p>Learn more about writing on Leanpub
< id="footer-heading" class="sr-only">Footer
Publish Early, Publish OftenÃ_16¹p>
LinksÃ_16¹p>
Store
FeaturedÃ_a>Ã_li>
BooksÃ_a>Ã_li>
BundlesÃ_a>Ã_li>
CoursesÃ_a>Ã_li>
TracksÃ_a>Ã_li>
Podcast
Redeem a Token
Ã_ul>Ã_ul>
ServicesÃ_16¹p>
Author QuickstartÃ_a>Ã_li>
AccessibilityProÃ_a>Ã_li>
CourseAIÃ_a>Ã_li>
GlobalAuthorÃ_a>Ã_li>
IndexAIÃ_a>Ã_li>
Launch Quickstart
Marketing PackagesÃ_a>Ã_li>
Publish on Amazon
TranslateAI
Ã_ul>Ã_ul>
Organizations
Learn More
Ã_ul>Ã_ul>
Ã_section>
<16¹p class="text-sm font-semibold tracking-wider text-white uppercase">AuthorsÃ_16¹p>
Author MembershipsÃ_a>Ã_li>
Create BookÃ_a>Ã_li>
Create BundleÃ_a>Ã_li>
Create CourseÃ_a>Ã_li>
Create TrackÃ_a>Ã_li>
Ã_li>
<16¹p class="text-sm font-semibold tracking-wider text-white uppercase">Author Support
Author FAQÃ_a>Ã_li>
Author Help Center
Leanpub Authors ForumÃ_a>Ã_li>
The Leanpub Manual
The LFM Manual
The Markua Manual
API Docs
Ã_ul>Ã_ul>
MoreÃ_16¹p>
Partner Program
Causes
Accessibility
Ã_ul>Ã_ul>
Ã_section>
<16¹p class="text-sm font-semibold tracking-wider text-white uppercase">ReadersÃ_16¹p>
Reader MembershipsÃ_a>Ã_li>
Buy CreditsÃ_a>Ã_li>
Reader FAQ
Help Center
Ã_ul>Ã_ul>
EssaysÃ_16¹p>
AI Services (]N)(åe)4)Ã_a>Ã_li>
Imagine a world... (]N)(åe)2)Ã_a>Ã_li>
The Lean Publishing Definition (20Ó0ë0)
The Lean Publishing Manifesto (]N)010)Ã_a>Ã_li>
Ã_li>
<16¹p class="text-sm font-semibold tracking-wider text-white uppercase">LegalÃ_16¹p>
Terms of ServiceÃ_a>Ã_li>
Copyrigh4PolicyÃ_a>Ã_li>
Privacy Policy
Refund PolicyÃ_a>Ã_li>
Ã_li>
<16¹p class="sr-only" id="footer-copyright-and-legal">Copyright and reCAPTCHAÃ_16¹p>
<0class="text-center text-xs leading-4 text-neutral-10.".".">Leanpub is copyrigh4Â©(N)010-À-- -->2026À-- --> Ruboss Technolog9CorpÃ_a>.
<0class="text-center text-xs leading-4 text-neutral-10.".".">All rights reserved.
This site is protected b9reCAPTCHA
<0class="text-center text-xs leading-4 text-neutral-10.".".">and theÀ-- --> Google Privac9PolicyÃ_a> andÀ-- --> Terms of Service apply.Ã_p>Ã_article>Ã_div>Ã_section>Ã_div>Ã_footer>
Ã_div>Ã_div>À--$?-->