A malicious user can send a really long data sequence.
恶意用户会发送超长数据。
Provides information on guarding against malicious user input.
提供有关防止恶意用户进行输入的信息。
But a malicious user could change the id via firebug or some other tool.
但是,恶意用户可以通过浏览器或其他工具更改id。
What happens if a malicious user decides to submit the form 10,000 times in a single day?
如果恶意用户决定在一天内提交 10,000次此表单,会发生什么情况呢?
One example is defacing a Web page, where the malicious user gets into your site and changes files.
例如,恶意用户进入您的站点并更改文件,从而使网页变得面目全非。
There is no malicious user could get the token to access the information you don't want to publish.
没有恶意用户可以得到令牌来访问你不希望发布的信息。
Consider the scenario in which a malicious user USES proxy tools to hijack data sent by the browser.
考虑恶意用户用代理工具劫持由浏览器发送的数据这一情况。
This brings up a few questions: What if a malicious user hacks the underlying security mechanism itself?
这会带来几个问题:如果恶意用户攻破了底层安全机制本身,那么会怎么样?
In such cases, if a malicious user exploits these sessions, the user can potentially disrupt the system.
在这些情况下,如果恶意用户利用这些会话,用户就会潜在地破换系统。
Any code that executes in a Web browser can be tampered with, or bypassed completely, by a malicious user.
Web浏览器上运行的任何代码都可能被恶意用户篡改或者完全绕开。
The biggest potential problem is gems with dashes in them. A malicious user could go to GitHub and create a.
最严重的潜在问题莫过于带有破折号(dash)的gems了。
A malicious user manages to get code (script) to execute by masking it as user input from a page or as a link.
恶意使用者能够取得要执行的程序码(指令码),方法是将其伪装成页面的使用者输入或连结。
It is possible for a malicious user to use the postback script to send arbitrary post events to server controls.
恶意用户有可能使用回发脚本向服务器控件发送任意发送事件。
As more malicious users target the site, the company will have to protect the user behaviors that give the site its value.
随着更多有恶意的用户将目标指向该网站,Twitter将要保护用户的行为以此让该网站有存在的意义。
If a malicious user gets hold of this key information, then the security of that host machine can be compromised very easily.
如果恶意用户获得了这些密钥信息,那么主机的安全性就很容易受到威胁。
Using a Padding Oracle (PO) attack a malicious user can access encrypted data such as cookies, state, membership password, etc.
恶意用户能够使用PaddingOracle (PO)攻击方式来解密cookie,加密状态及认证密码等关键信息。
For example, a malicious user could construct a build definition to run arbitrary code to take control of the server and steal data.
例如,恶意用户可能会构建用于运行任意代码的生成定义,从而控制服务器并窃取数据。
For example, a malicious user could gain access to a user's resources if the user walks away from his machine and leaves it logged in.
例如,如果用户登录之后离开了他的机器,恶意用户就可以访问他的资源。
A malicious user could record communication between the client and the server and then use that information to replay the transaction.
恶意用户可以记录客户端和服务器之间的通信,然后使用该信息重播事务。
A malicious user can change the information returned by the role service to access components that the user does not have permission to access.
恶意使用者可能会更改角色服务传回的资讯,来存取无权存取的元件。
If you create custom error messages, make sure that you do not display information that might help a malicious user compromise your application.
安全说明如果要创建自定义错误信息,请确保显示的信息不会帮助恶意用户损害您的应用程序。
When your application displays error messages, it should not give away information that a malicious user might find helpful in attacking your system.
当应用程序显示错误讯息时,不应将有助于恶意使用者攻击系统的资讯送出。
If a malicious user can overwrite the buffer, then the value of the flag can be changed, thus providing the attacker with illegal access to private files.
如果有不怀好意的使用者覆写缓冲区,则会变更标志的值,从而指出攻击者是非法存取专用文件。
Data can be stored in the session with no direct way for a malicious user to alter it. (Bugs in your code may still give an attacker an opening, of course.)
数据可以存储在会话中,恶意用户无法直接修改它(当然,代码中的bug仍然可能产生安全漏洞)。
The most security-conscious developers distrust even their own databases, on the theory that a malicious user might have found a way to tamper with the database.
安全意识很强的开发人员甚至不信任他们自己的数据库,理由是他们认为恶意用户可能有办法篡改数据库。
A malicious user can exploit this by supplying you with data or style sheets that when executed can cause your system to process until the computer runs low on resources.
某个恶意用户可能会利用这一点,如果执行该用户提供的数据或样式表,就会导致系统不停地进行处理直至计算机资源消耗殆尽。
Unsafe arguments are ones that include database or command line escape characters that could allow a malicious user to manipulate your application into executing arbitrary commands.
不安全参数是包含数据库或命令行转义符的参数,这些转义符可以让恶意用户操纵应用程序执行任意命令。
Directory traversal is another injection-style attack, wherein a malicious user tricks filesystem code into reading and/or writing files that the Web server shouldn't have access to.
目录遍历是另一种注入类型的攻击,攻击者欺骗文件系统读或写服务器不允许操作的文件。
Malicious software often infects a corporate network by exploiting security holes in web browsers to infiltrate a PC when its user visits a dodgy website.
恶意软件经常通过嗅探网络浏览器的安全漏洞来感染公司网络,当用户访问隐藏的网页时,所用电脑会感染病毒。
Malicious software often infects a corporate network by exploiting security holes in web browsers to infiltrate a PC when its user visits a dodgy website.
恶意软件经常通过嗅探网络浏览器的安全漏洞来感染公司网络,当用户访问隐藏的网页时,所用电脑会感染病毒。
应用推荐