-
## 前言
可以落地的才是好的方案~
## 目录
- [安全](#%E5%AE%89%E5%85%A8)
- [网络](#%E7%BD%91%E7%BB%9C)
- [性能优化](#性能优化)
## 安全
不安全还提什么优化?
### XSS
> **跨网站指令码**(英语:Cross-site scripting,通常简称为:XSS)
**如何…
-
- Site: [https://get-into-teaching-app-dev.london.cloudapps.digital](https://get-into-teaching-app-dev.london.cloudapps.digital)
**New Alerts**
- **Non-Storable Content** [10049] total: 5:
-…
-
- Site: [http://localhost:3000](http://localhost:3000)
**New Alerts**
- **Cloud Metadata Potentially Exposed** [90034] total: 1:
- [http://localhost:3000/latest/meta-data/](http://localhost:…
-
```
SimpleModal or SimpleModal Contact Form (SMCF)? SMCF
Version of SimpleModal of SMCF (indicate Demo or WordPress plugin)? Your Demo
page Download
Version of jQuery? Your version included with…
-
# Summary
A reflective Cross-site Scripting (XSS) vulnerability has been identified in Discuz! X3.4 version 20220811. This reflected XSS vulnerability allows an attacker to inject malicious scripts i…
-
- Site: [https://intakeapp.azurewebsites.net](https://intakeapp.azurewebsites.net)
**New Alerts**
- **Server Leaks Version Information via "Server" HTTP Response Header Field** [10036] total: 11…
-
Read your blog post and thought I'd share this gem I've been using for a while. Basically copies a link to the current block at your cursor, creating the `^xxx` at the end of the line if it doesn't ex…
-
## Reflective Cross Site Scripting at info.php
1. I found that at line 50 of backend/common/system/info.php, Receive parameters without any filtering at `$_SERVER['HTTP_USER_AGENT']`.
**New Alerts**
- **CSP: Wildcard Directive** [10055] …
-
- Site: [https://student-admin-8878b4-test.apps.silver.devops.gov.bc.ca](https://student-admin-8878b4-test.apps.silver.devops.gov.bc.ca)
**New Alerts**
- **CSP: Wildcard Directive** [10055] tota…