XSS

An XSS (cross-site scripting) attack usually refers to abusing vulnerabilities left in the development of a web page to inject malicious code into it, so that a user's browser loads and executes a script written by the attacker. These malicious programs are usually JavaScript, but can also be Java, VBScript, ActiveX, Flash, or even plain HTML. After a successful attack, the attacker may obtain various things including, but not limited to, higher permissions (such as performing certain operations), private page content, sessions and cookies.

1. Reflected XSS

This happens at request time: a form submission parameter appears in the request URL, the server parses it and sends the response back to the browser. XSS occurs when the response contains the XSS payload from that form input, which the browser then parses and executes.

For example, the current request URL:

http://***.com?name=<script>alert(1)</script>

When the browser requests this URL, the server parses the name parameter, takes the contents of the script tag, splices it into the HTML and returns it to the browser. The browser appears

2. Stored XSS

Basically, the XSS code is submitted to the server and stored there; the script is sent back and executed in the browser whenever other users request that data. The difference from reflected XSS is that the submitted code is persisted on the server side, so no XSS code needs to be submitted again the next time the target page is requested.

The most common cases are message boards, forums and the like. Someone inserts malicious JS or HTML code into the message content, which is submitted and stored in the database. When the message content is later served by the server, the XSS code is treated as normal HTML and JS and executed during parsing.

3. The dangers of XSS

1. Stealing cookies

From the example above, we can see that the person injecting the XSS code can, in the JavaScript they write, use

<script>document.cookie</script>

to read the cookies.

2. Unintended actions

JavaScript can also be used to perform all kinds of operations in the page on the user's behalf: malicious redirects, planting strange pictures, links and so on.

4. Basic preventive measures of XSS

1. Escape characters

Character        Escaped as
&                &amp;
<                &lt;
>                &gt;
'                &#x27;
"                &quot;
/                &#x2F;
(blank space)    &nbsp;
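As an added example (not code from the original post), the six metacharacter rows of the table above as an escape function, applied to the reflected ?name=<script>... case from section 1. The renderUnsafe/renderSafe templates are hypothetical server-side code constructed for the illustration; the space-to-&nbsp; row is left out because it is a layout choice rather than a security one.

```javascript
// Entity map taken from the escape table in the post.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#x27;",
  "/": "&#x2F;",
};

// Replace every character that has meaning to the HTML parser with its
// entity. Because '&' is in the table, input that is already escaped is
// escaped again rather than being decoded back into markup.
function escapeHtml(input) {
  return String(input).replace(/[&<>"'/]/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable template (hypothetical): splices the query parameter straight
// into the page, which is exactly what the reflected-XSS example relies on.
function renderUnsafe(name) {
  return `<h1>Hello, ${name}</h1>`;
}

// Hardened template: same output shape, but the untrusted value is escaped
// before it is spliced into HTML, so the browser sees text, not a tag.
function renderSafe(name) {
  return `<h1>Hello, ${escapeHtml(name)}</h1>`;
}

// Crude check: does the rendered page still contain a raw <script> tag
// that the browser would execute?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample input: the payload from the reflected-XSS example.
const PAYLOAD = "<script>alert(1)</script>";

console.log("unsafe:", renderUnsafe(PAYLOAD));
console.log("safe:  ", renderSafe(PAYLOAD));
```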

2. Set the HttpOnly flag on cookies (HttpOnly=true) so that client-side script cannot read or manipulate them.

3. Use v-html with caution in Vue. Instead of rendering raw HTML with v-html, you can sanitize the content with the xss package (npm install xss).

4. Add a Content-Security-Policy meta tag to the HTML:

<meta http-equiv="Content-Security-Policy" content="default-src http: https: 'self' 'unsafe-inline' ***.com;" >

This trusts HTTP and HTTPS resources, resources from the current origin, and ***.com, and allows embedded (inline) resources. For details, refer to the CSP documentation. Note that 'unsafe-inline' permits inline scripts, which is exactly what an injected <script> tag is, so a policy written this way does little against XSS on its own; for real protection, drop 'unsafe-inline' and allow legitimate inline scripts with nonces or hashes.

5. The HTTP response header X-XSS-Protection: 1; mode=block turns on the built-in reflected-XSS filter in browsers that have one. Note that Chromium-based browsers have since removed this filter and Firefox never implemented it, so it should not be relied on today.