Common Web security hole -------- anti-hotlinking - Code World

Common Web security hole -------- anti-hotlinking

Others 2019-07-30 02:08:34 views: null

1, anti-hotlinking prevent theft of things on their own services. . .

2, there is such a map on XSS services:

<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8" />
<title></title>
</head>
<body>
<form action="postIndex" method="post">
        输入内容: <input type="text" name="name"> <br> <input
            type="submit">
    </form>
<img src="img/logo.PNG" alt="">
</body> 
</html>

On SatetyChain service: <img src = "http://127.0.0.1:8080/img/logo.PNG" alt = ""> quote came directly to this picture, it belongs to the Pirates of the map, how to prevent this from happening?

<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8" />
<title></title>
</head>
<body>
<form action="postIndex" method="post">
        输入内容: <input type="text" name="name"> <br> <input
            type="submit">
    </form>
<img src="http://127.0.0.1:8080/img/logo.PNG" alt="">
</body> 
</html>

3, anti-hotlinking technology to achieve the above requirements, in simple terms, or by interceptor to intercept the request, view the request header Referer request record source, you can view pictures to the requested domain name, domain name, if not specified, allowed the request fails

127.0.0.1 8080 www.aiyuesheng.com
127.0.0.1 8081 bbs.aiyuesheng.com

C:\Windows\System32\drivers\etc\hosts

Guess you like

Origin www.cnblogs.com/pickKnow/p/11265785.html

Common Web security hole -------- anti-hotlinking

Nginx Service Optimization (seven) web page compression and anti-hotlinking

Common Web Security

NG realizes anti-hotlinking

Common web security and protection principles

Current common web security vulnerabilities

Common web security vulnerabilities_web vulnerabilities

Focus release, anti-hotlinking mobile cinema

Apache configuration page optimization --- anti-hotlinking

Application of advanced anti-hotlinking site

Common Web security vulnerabilities and test methods Introduction

Web Security Technology - Common Attacks and Defenses

Web Security Technology - Common Attacks and Defenses

Internet Security Architecture - Common Web Attacks

Web Security_Common Attack Methods

Top 6 Common Web Security Problems - Translation

Nginx configuration and cross-domain access scene anti-hotlinking

Apache uses .htaccess anti-hotlinking prevent users from downloading

apache rewrite the rewrite, log cutting, anti-hotlinking

XSS and CSRF - two common attack methods in the field of web security

Defense methods against common web development security vulnerabilities

Common memory encryption and anti-crack security solutions

CDN deal with the Nuggets turned anti-hotlinking remember once crawling markdown picture experience

Python website crawling solution mn52 beautiful pictures and images of anti-hotlinking

Teach you how to prevent others to steal your pictures, nginx anti-hotlinking

web security

web security

[] On the web security web security of XSS

Optimization, security and anti-leeching of Apache web pages

JavaScript web front-end share common anti-patterns

Recommended

Ranking

error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘

Database migration between Navicat servers

Minimum number of rotation of the array: Array

balenaEtcher for mac (make a boot disk software) v1.5.67

Custom processing serialization and deserialization in jackson

Mu-en-mask system development software

Mastering Regular Expressions

Find mileage Java--

Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions

[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite

Daily

More

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)