Created
April 3, 2018 05:17
-
-
Save ynyyn/ca215aee0e7a6c776144044c57844512 to your computer and use it in GitHub Desktop.
QQ坦白说,登录态下,自动带 Token 跳转脚本
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (function () { | |
| function CSRFToken(str) { | |
| var hash = 5381; | |
| for (var i = 0, len = str.length; i < len; ++i) | |
| hash += (hash << 5) + str.charAt(i).charCodeAt(); | |
| return hash & 2147483647 | |
| } | |
| function getCookie(c, name) { | |
| name = name + '='; | |
| var s = c.indexOf(name); | |
| if (s === -1) return undefined; | |
| else { | |
| s += name.length; | |
| } | |
| var e = c.indexOf(';', s); | |
| if (e < 0) e = c.length; | |
| return c.substring(s, e); | |
| } | |
| function unixTime() { | |
| return new Date().getTime(); | |
| } | |
| function Go() { | |
| var d = document.domain; | |
| if (d.substring(d.length - 6, d.length) !== "qq.com") { | |
| alert("请您在 qq.com 域名内中执行."); | |
| return; | |
| } | |
| var c = document.cookie; | |
| var k = getCookie(c, "skey"); | |
| if (k === undefined) { | |
| alert("请您登录后再执行."); | |
| return; | |
| } | |
| document.location = "https://ti.qq.com/cgi-node/honest-say/receive/mine?_client_version=0.0.7&_t=" + unixTime() + "&token=" + String(CSRFToken(k)); | |
| } | |
| Go(); | |
| })(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue
getCookie函数存在逻辑问题,以至于getCookie(c, "skey")返回的结果可能为其他以skey结尾的 cookie (如lskey)的值。