這篇 How to Crack a Website - XSS, Cookies, Sessions 所提到的原始文章講的很清楚,把常見的 XSS 問題都提出來了:XSS, Cookies, and Session ID Authentication – Three Ingredients for a Successful Hack

在文章裡提到的問題要解決其實還算簡單:沒有處理過的字串,要轉成 HTML 輸出要先經過 htmlentities() 處理。

This entry was posted in Browser, Computer, Murmuring, Network, Programming, Security, Software, WWW. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *