Front-end security - XSS attacks
Common web security issues in front-end development
1 Cross-site scripting (XSS attacks)
XSS (Cross Site Scripting): an attacker injects malicious HTML or JS code into a site that has an XSS vulnerability. When other users browse the site, that code runs automatically in their browsers, which achieves the attacker's goal: stealing the user's cookies, destroying the page structure, redirecting the user to another website, and so on.
XSS attacks classification
XSS attacks are a common class of web attack; the emphasis is on "cross-site" and "executed on the client". XSS attacks are usually divided into three types:
- Reflected XSS (reflection-based XSS attacks)
- Stored XSS (storage-based XSS attacks)
- DOM-based or local XSS (DOM-based or local XSS attacks)
The REFLECTED XSS (reflection-based XSS attacks)
Relies mainly on the script the site's server returns: the client triggers it, and the attack is carried out in the client's browser.
For example:
1. In the search box, enter "<script>alert('I want to attack')</script>" as the search term and click Search.
2. If the page does not filter the returned data and displays it directly on the page, the browser executes the script and the string is shown in an alert.
3. If the alert is replaced with malicious code, the attacker can obtain the user's cookies or account password, redirect the user to a phishing site, and so on.
Security measures:
Security measures:
1. When the front end displays data returned by the server, it is not enough to filter out tags: the content must be escaped, and attribute values may need escaping as well.
2. When the back end receives a request, it should check whether the request is an attack and block it if so.
Tag: <span><script>alert('Handsome Boy')</script></span>
Escaped: <span>&lt;script&gt;alert(&#39;Handsome Boy&#39;)&lt;/script&gt;</span>
Which characters have to be escaped depends on where the data is inserted: HTML text, a quoted attribute value, a URL and a JavaScript string each need their own encoding, and HTML escaping alone is not sufficient for the last two.
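The reflected case above, as an added example that is not the article's own code: a search term is echoed back into the page, first verbatim (the vulnerable step 2) and then through an HTML escaping function. It also covers the article's remark about attribute values, using a constructed payload that needs no <script> tag at all. The render functions and both payloads are assumptions made for this demo.

```javascript
// Added example for this article (not the article's own code): echoing a search
// term back into the page, unsafely and then with HTML escaping. The payloads
// below are constructed for the demo.

// Escape the five characters that can change meaning in HTML text or in a
// quoted attribute value. The single quote becomes &#39; rather than &apos;
// because &apos; is not defined in HTML 4.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Step 2 of the article: the query is interpolated into the markup verbatim.
function renderResultsVulnerable(query) {
  return `<span>You searched for: ${query}</span>`;
}

// Hardened: escape before the value reaches the markup.
function renderResultsSafe(query) {
  return `<span>You searched for: ${escapeHtml(query)}</span>`;
}

// Attribute context. Stripping <script> alone does nothing here: the attacker
// needs only a double quote to close value="..." and add an event handler.
// This is the article's "attribute values may need escaping as well".
function renderSearchBoxVulnerable(query) {
  return `<input name="q" value="${query}">`;
}

function renderSearchBoxSafe(query) {
  return `<input name="q" value="${escapeHtml(query)}">`;
}

// Constructed payloads: the article's alert, and an attribute breakout that
// fires on page load without any <script> tag.
const textPayload = "<script>alert('Handsome Boy')</script>";
const attrPayload = '" autofocus onfocus="alert(1)';

console.log('text, vulnerable :', renderResultsVulnerable(textPayload));
console.log('text, escaped    :', renderResultsSafe(textPayload));
console.log('attr, vulnerable :', renderSearchBoxVulnerable(attrPayload));
console.log('attr, escaped    :', renderSearchBoxSafe(attrPayload));
```

The vulnerable attribute output is `<input name="q" value="" autofocus onfocus="alert(1)">`, which runs as soon as the field receives focus; with the quotes escaped the whole payload stays inside the attribute value as inert text.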
Stored XSS
In a stored XSS attack, the attacker publishes a post or article that contains a malicious cross-site script. The server stores it, so every later visit to that post or article triggers execution of the malicious script.
Prevention:
- Filtering must be done on the server, since a check in the front end can be bypassed (the attacker can send the request directly).
- If the server does not check on the way in, the front end can still defang stored content when displaying it, e.g. by removing script tags or by converting special characters to HTML entities. Of the two, converting to entities is the reliable one; removing specific tags is easy to bypass.
DOM-based or local XSS
DOM-based (local) XSS happens entirely in the browser: client-side script reads attacker-controlled input and writes it into the page through a sink such as innerHTML or document.write, so the payload never has to pass through the server. The example this article gives is WiFi traffic hijacking, where an attacker on the network modifies or poisons the JS scripts the browser loads and caches.
Prevention: use HTTPS, so scripts cannot be altered in transit.
2 Cross-site request forgery (CSRF attacks)