xss漏洞攻击与防止办法
xss又叫css教程 (cross site script) ,跨站脚本攻击。它指的是恶意攻击者往web页面里插入恶意html代码,当用户浏览该页之时,嵌入其中web里面的html代码会被执行,从而达到恶意攻击用户的特殊目的。
源页面放一个标签,在后台page_load里面写this.textlabel.text = request["msg"];
构建攻击,让攻击后把数据传递到目标页
构建代码如下:
msg=
、解决办法
最重要的一点,就是提高意识严格控制输入和输出。具体执行的方式有以下几点:
第一、在输入方面对所有用户提交内容进行可靠的输入验证,提交内容包括url、查询关键字、http头、post数据等
第二、在输出方面,在用户输内容中使用
<![CDATA[标签。标签内的内容不会解释,直接显示。 <br />
第三、严格执行字符输入字数控制。 <br />
第四、在脚本执行区中,应绝无用户输入。</p>
<p>=====================================================<br />
sql注入<br />
加入用户提交的 内容里面 含有 ; 号,那么sql语句会被截断....然后,后果就</p>
<p> </p>
<p>页面加载完毕后,执行login</p>
</div>
<div class="pages art-detail">
</div>
<ul class="TurnPage">
<li class="TurnPage-left">
<p>
<span>上一个:</span>
<a href="https://www.111com.net/wy/Dom/37137.htm" class="maxWidth">Microsoft.XMLDOM 遍历xml所有节点实现代码</a>
</p>
</li>
<li class="TurnPage-right">
<p>
<span>下一个:</span>
<a href="https://www.111com.net/wy/156/37145.htm" class="maxWidth">VS2003出现ASP.NET版本不匹配,解决方法 </a>
</p>
</li>
</ul>
<div class="articles">
<div class="tit02">
<h4>相关文章</h4>
</div>
<ul>
<li>
<a target="_blank" href="https://www.111com.net/wy/228472.htm">HTML简单购物数量小程序代码展示</a>
<span>10-31</span>
</li>
<li>
<a target="_blank" href="https://www.111com.net/wy/228464.htm">html canvas实现弹幕功能</a>
<span>10-31</span>
</li>
<li>
<a target="_blank" href="https://www.111com.net/wy/228463.htm">HTML中空格表示的意义</a>
<span>10-31</span>
</li>
<li>
<a target="_blank" href="https://www.111com.net/wy/228462.htm">html area标签解读</a>
<span>10-31</span>
</li>
<li>
<a target="_blank" href="https://www.111com.net/wy/228461.htm">html使用表单标签实现注册页面代码展示</a>
<span>10-31</span>
</li>
<li>
<a target="_blank" href="https://www.111com.net/wy/228460.htm">使用HTML截图并保存为本地图片的代码展示</a>
<span>10-31</span>
</li>
</ul>
</div>
</div>
</div>
</div>
</div>
<div class="hot-column">
<div class="cont">
<div class="tit">
<h4>热门栏目</h4>
</div>
<ul class="clearfix">
<li>
<h6><a href="https://www.111com.net/phper/php.html" target="_blank">php教程</a></h6>
<a href="https://www.111com.net/list-45/" target="_blank">php入门</a>
<a href="https://www.111com.net/list-46/" target="_blank">php安全</a>
<a href="https://www.111com.net/list-47/" target="_blank">php安装</a>
<a href="https://www.111com.net/list-48/" target="_blank">php常用代码</a>
<a href="https://www.111com.net/list-49/" target="_blank">php高级应用</a>
</li>
<li>
<h6><a href="https://www.111com.net/net/net.html" target="_blank">asp.net教程</a></h6>
<a href="https://www.111com.net/list-78/" target="_blank">基础入门</a>
<a href="https://www.111com.net/list-79/" target="_blank">.Net开发</a>
<a href="https://www.111com.net/list-80/" target="_blank">C语言</a>
<a href="https://www.111com.net/list-81/" target="_blank">VB.Net语言</a>
<a href="https://www.111com.net/list-82/" target="_blank">WebService</a>
</li>
<li>
<h6><a href="https://www.111com.net/sj/index.html" target="_blank">手机开发</a></h6>
<a href="https://www.111com.net/list-208/" target="_blank">安卓教程</a>
<a href="https://www.111com.net/list-209/" target="_blank">ios7教程</a>
<a href="https://www.111com.net/list-210/" target="_blank">Windows Phone</a>
<a href="https://www.111com.net/list-211/" target="_blank">Windows Mobile</a>
<a href="https://www.111com.net/list-212/" target="_blank">手机常见问题</a>
</li>
<li>
<h6><a href="https://www.111com.net/cssdiv/css.html" target="_blank">css教程</a></h6>
<a href="https://www.111com.net/list-99/" target="_blank">CSS入门</a>
<a href="https://www.111com.net/list-100/" target="_blank">常用代码</a>
<a href="https://www.111com.net/list-101/" target="_blank">经典案例</a>
<a href="https://www.111com.net/list-102/" target="_blank">样式布局</a>
<a href="https://www.111com.net/list-103/" target="_blank">高级应用</a>
</li>
<li>
<h6><a href="https://www.111com.net/wy/yw.html" target="_blank">网页制作</a></h6>
<a href="https://www.111com.net/list-136/" target="_blank">设计基础</a>
<a href="https://www.111com.net/list-137/" target="_blank">Dreamweaver</a>
<a href="https://www.111com.net/list-138/" target="_blank">Frontpage</a>
<a href="https://www.111com.net/list-139/" target="_blank">js教程</a>
<a href="https://www.111com.net/list-140/" target="_blank">XNL/XSLT</a>
</li>
<li>
<h6><a href="https://www.111com.net/office/index.html" target="_blank">办公数码</a></h6>
<a href="https://www.111com.net/list-236/" target="_blank">word</a>
<a href="https://www.111com.net/list-237/" target="_blank">excel</a>
<a href="https://www.111com.net/list-238/" target="_blank">powerpoint</a>
<a href="https://www.111com.net/list-239/" target="_blank">金山WPS</a>
<a href="https://www.111com.net/list-240/" target="_blank">电脑新手</a>
</li>
<li>
<h6><a href="https://www.111com.net/jsp/jsp.html" target="_blank">jsp教程</a></h6>
<a href="https://www.111com.net/list-68/" target="_blank">Application与Applet</a>
<a href="https://www.111com.net/list-69/" target="_blank">J2EE/EJB/服务器</a>
<a href="https://www.111com.net/list-70/" target="_blank">J2ME开发</a>
<a href="https://www.111com.net/list-71/" target="_blank">Java基础</a>
<a href="https://www.111com.net/list-72/" target="_blank">Java技巧及代码</a>
</li>
</ul>
</div>
</div>
<div class="footer">
<div class="cont">
<p>
<a href="https://www.111com.net/" target="_self">一聚教程网</a>|
<a href="https://www.111com.net/us/us.html" class="about" target="_self">关于我们</a>|
<a href="https://www.111com.net/us/me.html" class="contact" target="_self">联系我们</a>|
<a href="https://www.111com.net/us/ads.html" class="gg_contact" target="_self">广告合作</a>|
<a href="https://www.111com.net/us/link.html" class="friend_link" target="_self">友情链接</a>|
<a href="https://www.111com.net/us/bcinfo.html" class="copyright_notice" target="_self">版权声明</a>
</p>
<p>
<span>copyRight@2007-2024 www.111COM.NET AII Right Reserved <a href="https://beian.miit.gov.cn/" target="_blank" class="beian">苏ICP备17065847号-2</a> </span>
</p>
<p>
<span>
网站内容来自网络整理或网友投稿如有侵权行为请邮件:yijucomnet@163.com 我们24小时内处理
</span>
</p>
</div>
</div>
<script src="https://assets.111com.net/js/stat.js?v=2024022101"></script>
<script src="https://api.111com.net/api/stat/hits?type=article&id=37144"></script>
</body>
</html>
]]> 
