??????????е?Textbox?????????????????????????????Щ???????? ??????????????????????????????XSS???
??????URL?в?????Щ???????URL???????Web???????? ????Щ?????????????????????????  ??????????????????
??????????:  ?????????XSS???
????????????к??XSS??蹤????? ???XSS?????????????????????HttpWebRequest?? ?????xss ?????????????Web???????? ????HttpWebResponse?У??????XSS????????????????????
????HTML Encode ??URL Encode??????
???????????????????????????????? ?????????????????????
????HTML??????????????????????URL ????????????url??淶???????????url?淶?????????????????????????url?е??
??????????baidu??????"???????"?? URL????
????http://www.baidu.com/s?wd=%B2%E2%CA%D4%BA%BA%D7%D6&rsv_bp=0&rsv_spt=3&inputT=7477
??????νURL??????????????з??????????????????滻??????%???????λ????????????????????????+??
??????C#????????????????????????HttpUtility.UrlEncode("string <script>") ???????  ?????????System.Web??????
????Fiddler???????????????? ???Toolbar???"TextWizard" ???
??????????е?XSS??????
?????????????XSS?? ?????????????????????м??????????????XSS?? ????IE8??IE9??Firefox?? Chrome. ???????XSS????????? ??????????XSS?? ???????

????????????????? ?????IE7??
????ASP.NET?е?XSS???????
????ASP.NET???з???XSS????????????????????????????XSS??????????????XSS????????ASP.NET?????????????????

?????????????????и??? ???????????XSS?????? ASP.NET???????????????????? ?????????????а??????????????д?????”?????????“??
?????????????????????? ??????? <%@ Page validateRequest="false" %>