PortWatcher's Blog
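An input validation mechanism designed to block cross-site scripting attacks processes each input in the following order:

(1) Remove any occurrence of the  expression;
(2) Truncate the input to 50 characters;
(3) Remove any quotation marks from the input;
(4) URL-decode the input;
(5) If any items were removed, return to step (1).

Can you get around this validation mechanism so that the following data passes validation?

"><script>alert("foo")</script>

I found the answer on the website given in the book:

Yes. If it were not for Step 4, this mechanism would be robust in terms of filtering the specific items it is designed to block. However, because your input is decoded after the filtering steps have been performed, you can simply URL-encode selected characters in your payload to evade the filter: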
Category: Study notes | Views: 783 | Added by: Jury | Date: 2010-08-18
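The ordering defect described in the post, as an added example that is not from the original post or the book: the five steps run in the stated order next to a variant that decodes to a stable form before filtering. The blocked expression in step (1) is missing from the page, so `<script>` is used as an assumed stand-in; the function names, the decode-round limit, and the choice to count only steps (1) and (3) as removals are also assumptions.

```python
from urllib.parse import unquote

BLOCKED = "<script>"   # assumption: stand-in for the expression missing from step (1)
MAX_LEN = 50           # step (2) limit, from the page
MAX_DECODE_ROUNDS = 5  # assumption: bound on nested encoding before rejecting


def strip_quotes(value):
    return value.replace('"', "").replace("'", "")


def filter_as_described(value, blocked=BLOCKED):
    """Steps (1)-(5) in the page's order; decoding happens after filtering."""
    while True:
        step1 = value.replace(blocked, "")   # (1) strip the blocked expression
        step2 = step1[:MAX_LEN]              # (2) truncate
        step3 = strip_quotes(step2)          # (3) strip quotation marks
        removed = step1 != value or step3 != step2
        value = unquote(step3)               # (4) URL-decode
        if not removed:                      # (5) loop only if something was removed
            return value


def filter_canonical_first(value, blocked=BLOCKED):
    """Corrected order: decode to a stable form, then truncate and filter."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    else:
        raise ValueError("input still changes after repeated decoding; reject")
    value = value[:MAX_LEN]
    while True:  # repeat until nothing more is removed (handles nested fragments)
        cleaned = strip_quotes(value.replace(blocked, ""))
        if cleaned == value:
            return cleaned
        value = cleaned


def violates_policy(value, blocked=BLOCKED):
    """True if filter output still holds something the filter was meant to remove."""
    return blocked in value or '"' in value or "'" in value


if __name__ == "__main__":
    # Constructed samples: an encoded quote, an encoded blocked expression, a literal case.
    for sample in ("a%22b", "%3Cscript%3E", '"<script>x'):
        for f in (filter_as_described, filter_canonical_first):
            out = f(sample)
            print(f"{f.__name__}({sample!r}) -> {out!r} violates={violates_policy(out)}")
```

Neither ordering replaces context-aware output encoding at the point where the value is written into HTML; the example only isolates why decoding must come before any filtering decision.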