使用看起来可信任的中间媒介传输恶意数据的攻击被称为“交叉站点恶意内容”攻击。

Attacks that exploit an apparently trustworthy intermediary to pass on malicious data are called "cross-site malicious content" attacks.

youdao

由于攻击者通常是试图添加恶意的脚本，因些这种变化被称为“交叉站点脚本攻击” (XSS攻击)。

Since attackers are usually trying to add malicious scripts, this particular variation is called a "cross-site scripting attack" (XSS attack).

youdao

httpOnlyCookies属性对付交叉站点脚本攻击十分有用；它意味着浏览器将无法通过脚本语言访问Cookie。

The httpOnlyCookies attribute is useful as a measure against cross-site scripting attacks; it indicates to the browser that the cookie should not be accessible from scripts.

youdao