I am making a script that uploads a script, or "payload", to a site through the following steps:
1. User enters URL with * in place of query
2. User selects payload, which is simply a file with a pre-written JS script.
3. The * is replaced with the contents of the payload.
4. The URL with a script replacing the query is opened in an iframe.
How should I do this? My main problem is the part where the file is uploaded into a variable. Here is my code so far:
<!DOCTYPE html>
<html>
<head>
  <title>Slingshot.XSS</title>
</head>
<body style="font-family:monospace;" align="center">
  <h2>Slingshot.XSS</h2>
  <h3>Slingshot.XSS is a script that launches pre-loaded XSS payloads at a target to test its vulnerabilities.</h3>
  <h4>Please report all issues to <a href="https://github.com/keeganjk/slingshot.xss/issues">https://github.com/keeganjk/slingshot.xss/issues</a> or contact me at keeganjkuhn@gmail.com.</h4>
  <!-- The href needs a scheme; without it the browser treats it as a relative path. -->
  <a href="https://github.com/keeganjk/slingshot.xss" style="font-family:monospace" align="center">Source Code / Learn More</a>
  <br />
  <h4>Enter a URL with <b>*</b> in the place of query.</h4>
  <h5>Example: https://www.google.com/#q=*</h5>
  <input type="text" id="myText" placeholder="Enter a URL"> <button onclick="myFunction()">Submit</button>
  <p id="demo">No Submitted URL</p>
  <h4>Select a payload:</h4>
  <input type="text" id="myPayload" placeholder="Enter payload path"> <button onclick="selectPayload()">Submit</button>
  <script>
    // Validates the submitted URL and shows either the URL or the errors.
    function myFunction() {
      var errors = [];
      var x = document.getElementById("myText").value;
      if ( !x.includes("http://") && !x.includes("https://") ) {
        errors.push('missing HTTP or HTTPS in URL');
      }
      if (!x.includes("*")) {
        errors.push('missing * in place of query');
      }
      // Renders errors
      if (errors.length) {
        x = 'Error: ' + errors.join(', ') + '!';
      }
      // textContent instead of innerHTML: the typed value is shown as text
      // and is not parsed as markup by this page.
      document.getElementById("demo").textContent = x;
    }
    // Not implemented yet: this is the part the question asks about.
    function selectPayload() {
    }
  </script>
</body>
</html>
How can I let the user browse for a file, then select one and upload it into a variable?
Posted on 2017-04-28 00:35:57
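First, change the type attribute of the input tag to "file", for example:
    <input type="file" id="file">
Then create a FileReader:
    var fr = new FileReader();
Since the file is read asynchronously, you should add a callback to proceed further, for example:
    fr.onload = function () { /* ... do something ... */ };
To read the file, call readAsText (for example, add it to the onclick event):
    fr.readAsText(document.getElementById('file').files[0]);
Once the file has loaded, its contents will be a string in fr.result.
MDN has more documentation and examples.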
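The steps in the answer above, combined into one handler, as an added example that is not part of the original question or answer. It wraps FileReader in a Promise and covers the cases the snippets skip: no file selected (files[0] is undefined), an empty or oversized file, and a read error. The function names, the MAX_PAYLOAD_BYTES limit, the payloadText variable and the element ids file and demo are assumptions.

```javascript
// Added example, not code from the original question or answer.
// MAX_PAYLOAD_BYTES, payloadText and the function names are assumptions.
const MAX_PAYLOAD_BYTES = 64 * 1024;
let payloadText = null; // holds the file contents once a read succeeds

// Synchronous checks on the selected File before any read is started.
// Returns an error string, or null when the file is acceptable.
function checkPayloadFile(file) {
  if (!file) return 'no file selected'; // files[0] is undefined
  if (file.size === 0) return 'file is empty';
  if (file.size > MAX_PAYLOAD_BYTES) {
    return 'file is larger than ' + MAX_PAYLOAD_BYTES + ' bytes';
  }
  return null;
}

// Wraps the callback-based FileReader in a Promise that resolves with the
// file's text (fr.result) and rejects on a failed check or a read error.
function readPayloadFile(file) {
  return new Promise(function (resolve, reject) {
    const problem = checkPayloadFile(file);
    if (problem) { reject(new Error(problem)); return; }
    const fr = new FileReader();
    fr.onload = function () { resolve(fr.result); };
    fr.onerror = function () { reject(fr.error || new Error('read failed')); };
    fr.readAsText(file);
  });
}

// Browser wiring, skipped when no DOM is present. Assumes the page has
// <input type="file" id="file"> and an element with id="demo".
if (typeof document !== 'undefined') {
  const input = document.getElementById('file');
  const out = document.getElementById('demo');
  if (input && out) {
    input.addEventListener('change', function () {
      const file = input.files[0];
      readPayloadFile(file).then(function (text) {
        payloadText = text;
        // textContent, not innerHTML: the file name is shown as text and
        // never parsed as markup by this page.
        out.textContent = 'Loaded ' + file.name + ' (' + text.length + ' characters)';
      }, function (err) {
        out.textContent = 'Error: ' + err.message;
      });
    });
  }
}
```

The read is started from the input's change event, so it runs each time the user picks a different file and payloadText always reflects the latest successful read.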
https://stackoverflow.com/questions/43669894