xss
- 网络攻击;跨站点脚本
-
Design and Implementation of XSS Vulnerability Detection Tool Based on Crawler
基于爬虫的XSS漏洞检测工具设计与实现
-
Ways to check whether your site is protected from XSS
检查您的站点是否处于XSS攻击保护的方法
-
According to the problem proposed above , this paper makes a research on the server-client cooperation XSS defense method .
为此,提出基于服务器端-客户端协作的跨站脚本攻击防御方法。
-
It 's now almost impossible to have an accidental XSS attack .
现在偶然出现一个XSS攻击已经不太可能了。
-
Preventing XSS attacks requires diligence from the part of the programmers and the necessary security testing .
防止XSS攻击,需要勤奋的程序员和必要的安全测试。
-
At the core of a traditional XSS attack lies a vulnerable script in the vulnerable site .
传统的XSS攻击的核心处位于脆弱的站点中的脆弱的脚本。
-
To protect against XSS attacks , you need to scrub all inputs .
要防止遭受XSS攻击,需要清理所有输入。
-
How to secure a site against XSS attacks
如何保护站点不受XSS攻击
-
On-demand scripts can include malicious code aimed at exploiting security vulnerabilities such as XSS .
按需脚本可能包含打算攻击XXS等安全漏洞的恶意代码。
-
It also describes cross-site scripting ( XSS ), which has become a popular security buzzword .
它也能描述一个跨站点的脚本语言(XSS),成为一个流行的词语。
-
Note : This regular expression should not be used in production environments as it is not secure against XSS attacks .
注意:这个正则表达式不应该使用在生产环境中,因为它对于XSS攻击不安全。
-
The first is by far the most popular : cross-site scripting ( XSS ) .
第一个漏洞是最流行的:跨站脚本编程(cross-sitescripting,XSS)。
-
Checking that a site is secure from XSS attacks is the logical conclusion of securing the site .
检查站点免于遭受XSS攻击是加强站点安全保护的必然结论。
-
You 've probably heard this called cross-site scripting ( XSS ) vulnerabilities .
您可能听说过称为cross-sitescripting(XSS)的漏洞。
-
An XSS vulnerability occurs when a user has the ability to inject HTML code into your Web pages .
当用户能够把HTML代码注入到您的Web页面中时,就是出现了XSS漏洞。
-
If you know nothing about XSS or CSRF , take the time to learn more about these security vulnerabilities .
如果你知道什么的XSS或CSRF的,花时间去学习更多的有关这些安全漏洞。
-
That is why most examples for XSS attacks use the Alert function , which makes it very easy to detect its success .
这就是为什么大部分XSS攻击的实例使用Alert方法,因为这很容易检测其成功。
-
Unlike those , the XSS attack involves three parties : the attacker , the client , and the Web site .
与那些攻击不同的是,XSS攻击同时涉及三个群体:黑客、客户端和Web站点。
-
Many site owners dismiss XSS on the grounds that it cannot be used to steal sensitive data from a back-end database .
许多网站所有者驳回,理由是,它不能被用来窃取敏感数据从后端数据库的XSS攻击。
-
XSS attacks work by supplying input that a program does not expect and exploiting how it handles rogue input .
XSS通过提供程序不期望的输入,然后利用程序对无赖输入的处理方式发动进攻。
-
A mashup application or page must address CSRF , Ajax vulnerabilities , XSS , and other potential security weaknesses .
mashup应用程序或页面必须解决CSRF、Ajax漏洞、XSS和其他潜在的安全漏洞。
-
In a typical XSS attack the hacker infects a legitimate web page with his malicious client-side script .
在一个典型的XSS攻击的黑客与他的恶意客户端脚本感染合法的网页。
-
Finally , make sure your PHP code is resilient to XSS attacks , form spoofs , and CSRF attacks .
最后,确保PHP代码可以抵抗XSS攻击、表单欺骗和CSRF攻击。
-
These weaknesses of coding in Web 2.0 sites are known in the security industry as cross-site scripting , or XSS vulnerabilities .
网络安全业内将web2.0网站内的这些编码缺陷,称为跨站脚本(xss)或跨站脚本漏洞。
-
Increased protection from attacks such as Cross-site Scripting ( XSS ), SQL Injection and Remote File Inclusions ( RFI ) .
更多的安全防护措施,如跨站脚本(XSS)、SQL注入及远程文件包含(RFI)。
-
There are many slight variations to this theme , however all XSS attacks follow this pattern , which is depicted in the diagram below .
这个主题有许多细微变化,但是所有的XSS攻击遵循这种模式,这是图中的描述如下。
-
Causing the JavaScript pop-up window to emerge usually suffices to demonstrate that a site is vulnerable to an XSS attack .
引发JavaScript弹出窗口的出现通常足够说明该站点容易受到XSS攻击。
-
If your Web application does not guard against XSS attacks , the only limit to the harm done is the imagination of the attacker .
如果您的Web应用程序不针对XSS攻击进行保护,则会造成严重的破坏。
-
XSS is a similar kind of problem ; this time , the untrusted data is targeted at the people browsing your site , rather than your application itself .
XSS也是一个类似的问题。不过这一次不受信任的数据瞄准的是浏览站点的人们,而不是应用程序本身。
-
Guard against Cross-Site Scripting ( XSS ) vulnerabilities
保护跨站点脚本(Cross-sitescripting,XSS)漏洞