Common web security issues, principles and preventive measures.
- SQL Injection
- XSS (Cross-Site Scripting)
- CSRF (Cross-Site Request Forgery)
What is SQL injection?
- Specially constructed input parameters are passed to the web application, so that the backend ends up building and executing malicious SQL
- It happens because programmers usually do not filter input and splice it directly into dynamically generated SQL
- Open source tools such as sqlmap and SQLninja can be used to detect it.
How to prevent SQL injection?
Principle: never trust any input from the user
- Check input parameters (type and range); filter and escape special characters
- Do not splice SQL strings directly; using an ORM greatly reduces the risk of SQL injection
- At the database layer: configure permission management; do not store sensitive information in plain text.
What is XSS (Cross-Site Scripting)?
- An attacker injects malicious code into a page that is served to other users; if the output is not escaped, the malicious code is executed in another user's browser
- When a user browses the page, the script (JS) embedded in it is executed and attacks the user. For example, document.cookie in the DOM can read the page's cookie information.
- Two categories: reflected (non-persistent) and stored (persistent)
How to prevent XSS?
Do not trust any input from the user!
- Filter input parameters. Filter out sensitive tags such as <script>, <img> and <a>.
- Escape output. Escape the common symbols ("&", "<", ">"), e.g. with html.escape in Python 3
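The two rules above (do not splice SQL; escape output with html.escape) side by side, as an added example that is not part of the original notes. It uses a constructed in-memory SQLite table; the function names and the sample users are assumptions for the demonstration.

```python
import html
import re
import sqlite3

USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")


def make_db():
    """Constructed sample database (not from the notes) with two users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn


def valid_username(name):
    """Type and range check on an input parameter before it reaches the database."""
    return isinstance(name, str) and USERNAME_RE.match(name) is not None


def login_spliced(conn, name, password):
    """Vulnerable: dynamic SQL built by string splicing, as the notes warn against.
    The user's text becomes part of the SQL grammar, so quotes in it change the query."""
    sql = (f"SELECT COUNT(*) FROM users "
           f"WHERE name = '{name}' AND password = '{password}'")
    return conn.execute(sql).fetchone()[0] > 0


def login_parameterized(conn, name, password):
    """Safe: placeholders let the driver pass values separately from the SQL text,
    so the input is only ever compared as data, never parsed as SQL."""
    sql = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (name, password)).fetchone()[0] > 0


def render_comment(text):
    """Escape '&', '<', '>' and quotes before user text is sent to another browser,
    so any tag in it is displayed as text instead of being executed."""
    return "<p>" + html.escape(text, quote=True) + "</p>"


if __name__ == "__main__":
    db = make_db()
    crafted = "' OR '1'='1"  # constructed input with a quote, no valid password
    print("spliced:", login_spliced(db, "alice", crafted))          # True: bypassed
    print("parameterized:", login_parameterized(db, "alice", crafted))  # False
    print(render_comment('<b>hi</b> & "quotes"'))
```

Running it shows the spliced query accepting a wrong password that merely contains a quote, while the parameterized query rejects it and the escaped comment renders the tag as literal text.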