XSS summary

XSS: what was originally data becomes a script and is executed.

Defending against XSS: don't let data become a script, and don't let it execute.

XSS: briefly describe the principle of XSS:

XSS stands for cross-site scripting (look up the English term yourself). The principle: user data (an article, a comment, a parameter supplied when accessing the page in the browser, etc.) ends up being executed as a script on the page. The place where it executes may be a script tag, an attribute of another tag, some rich text, and so on.
The most fundamental point is that something that was originally data gets treated as a script, as a program.
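
The principle and the defense above, as an added example (not code from the original post): the same user data is placed in a text position and in a tag attribute, once by plain concatenation and once HTML-escaped. The function names and the sample inputs are constructed for illustration, and the escaping shown covers only HTML text and quoted attribute values.

```javascript
// Escape the characters that let text break out of an HTML text node or a
// quoted attribute value. "&" is replaced first so the entities produced by
// the later replacements are not escaped a second time.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable form: data is concatenated straight into markup, so any markup
// characters in the data become part of the page structure.
function renderUnsafe(author, comment) {
  return '<div class="comment" title="' + author + '"><p>' + comment + "</p></div>";
}

// Hardened form: data is escaped for the context it lands in, so it stays data.
function renderSafe(author, comment) {
  return '<div class="comment" title="' + escapeHtml(author) +
         '"><p>' + escapeHtml(comment) + "</p></div>";
}

// Crude structural fingerprint: opening tags and raw double quotes.
// The template itself contributes 2 tags (div, p) and 4 quotes; anything
// beyond that was introduced by the data.
function structure(html) {
  return {
    tags: (html.match(/<[a-zA-Z]/g) || []).length,
    quotes: (html.match(/"/g) || []).length,
  };
}

// Constructed sample inputs: one targets the text position, one the attribute.
const sampleComment = "<script>markExecuted()</script>";
const sampleAuthor = 'x" onmouseover="markExecuted()';

function demo() {
  return {
    unsafe: structure(renderUnsafe(sampleAuthor, sampleComment)),
    safe: structure(renderSafe(sampleAuthor, sampleComment)),
  };
}

console.log(demo());
```

Data that lands inside a script block or a URL needs escaping for that context instead; HTML escaping alone does not cover it.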

 

Origin www.cnblogs.com/jingzaixin/p/12672679.html