... Cross-site scritping(XSS):(跨站点 脚本攻击) CSRF:(跨站点伪造请求) Email Header Injection(邮件标头注入) ...
基于18个网页-相关网页
跨站点伪造请求测试 cross-site request forgery ; CSRF
跨站点请求伪造 CSRF ; cross-site request forgery
针对跨站点请求伪造 Cross-Site Request Forgeries
对跨站点请求伪造 Cross-Site Request Forgeries
类似的跨站点请求伪造 Cross-Site Request Forgery
Jacob对其中的一些弱点给出了示例,像跨站点脚本攻击(XSS)、跨站点伪造请求(CSRF)、HTTP响应分割、会话固定攻击以及SQL注入攻击等等。
Jacob gave examples of some of the vulnerabilities like Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), HTTP Response Splitting, Session Fixation, and SQL Injection.
一个是CSRF (Cross Site Request Forgery,跨站点伪造请求攻击),它允许攻击者绕过基于cookie的身份认证,前些天我曾在Blog上介绍过这种攻击。
CSRF (Cross Site Request Fogery) allows attackers to bypass cookie based authentication. I blogged about it a while ago.
除了处理传统威胁外,混搭应用程序或web页面必须解决跨站点脚本编写(XSS)和跨站点请求伪造(CSRF)等问题。
In addition to handling traditional threats, a mashup application or web page must address such issues as cross-site scripting (XSS) and cross-site request forgery (CSRF), among others.
应用推荐