| 跨站脚本攻击原理与防范 |
| |
| 引用本文: | 古开元,周安民.跨站脚本攻击原理与防范[J].网络安全技术与应用,2005(12):19-21. |
| |
| 作者姓名: | 古开元 周安民 |
| |
| 作者单位: | 四川大学信息安全研究所,四川,610064 |
| |
| 摘 要: | 本文首先从静态网站和动态网站的区别出发,介绍了跨站脚本形成的原因和攻击的原理,然后说明了跨站脚本攻击所带来的危害,最后针对网站开发人员和网络用户提供了几种最为有效的防范和检测办法。
|
| 关 键 词: | 动态网站 HTML 跨站脚本 XSS |
Principle and Prevention of Cross-Site Srcipting Attack |
| |
| Gu Kaiyuan,Zhou Anmin.Principle and Prevention of Cross-Site Srcipting Attack[J].Net Security Technologies and Application,2005(12):19-21. |
| |
| Authors: | Gu Kaiyuan Zhou Anmin |
| |
| Affiliation: | Gu Kaiyuan,Zhou Anmin Information Security Institute,SiChuan University,Sichuan,610064 |
| |
| Abstract: | This Paper firstly introduces the fact how a Cross-Site Scripting issue occurs and the principle how it comes to a real attack from the difference between static web sites and dynamic web sites,then illuminates what compromise it can bring out. In this paper,several available methods of prevention and detection are provided to vendor as well as user. |
| |
| Keywords: | Dynamic pages HTML Cross-Sites Scripting XSS |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
