search

TracerLee / tracerlee.github.io

Personal blog written by Tracer
4 stars 0 forks source link

🆘 前端安全 #27

Open TracerLee opened 6 years ago

TracerLee commented 6 years ago

前端安全相关,XSS etc.

TracerLee commented 6 years ago

【译文】了解XSS攻击

原文: Excess XSS: A comprehensive tutorial on cross-site scripting

TracerLee commented 6 years ago

参考链接:

https://www.owasp.org/index.php/XSS_Experimental_Minimal_Encoding_Rules

https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#RULE_.234_-_CSS_Escape_And_Strictly_Validate_Before_Inserting_Untrusted_Data_into_HTML_Style_Property_Values