The problem the forerunner

  • What is an XSS attack (concept, attack mode, harm)? How do I prevent XSS attacks? 【 browser 】

  • Sum of two numbers

    Find the two subscripts of a given array and the specified number. Input: nums = [2,7,11,15], target = 9 output: [0,1]Copy the code

Knowledge comb

What is an XSS attack? How do I prevent XSS attacks?

concept

XSS is short for Cross Site Scripting, a reference to CSS in the web design world for Cascading Style Sheets and to Cross for “crossing.” So XSS is what we call cross-site scripting attacks.

Cross-site scripting attack is a kind of security vulnerability, attackers can use this vulnerability to inject offensive script code into a website, when the attacked website will automatically execute the malicious code, attackers can even breach the access rights of the website, impersonate the victim, and carry out more offensive operations.

According to the Open Web Application Security Project (OWASP), XSS was recognized as one of the seven most common Web application vulnerabilities in 2017.

attacks

XSS can be classified into three types according to the source of attack scripts:

  • Stored XSS: Malicious scripts are stored on the target server. When the browser requests data, the script is uploaded from the server and executed.
  • Reflexive XSS: When a user clicks on a malicious link, submits a form, or enters a malicious site, the script is injected into the target’s site. The Web server will inject scripts, such as an error message, search results, and so on, back to the user’s browser. Because the browser thinks the response is from a “trusted” server, it executes the script.
  • Dom-based XSS: By modifying the original client code, the VICTIM browser’s DOM environment changes, resulting in the execution of the payload. That is, the page itself did not change, but because the DOM environment was maliciously modified, client code was included in the page and accidentally executed.

In short, stored XSS scripts are stored in the server, uploaded to the page and executed by the server. Stored XSS is also called persistent XSS. Because attack scripts are stored in the server, it can be seen that its harm is wide and its influence is great.

For example, the more classic message board persistent XSS attack, such as a website does not do special processing to the user input, but the user directly input similar to the following content:

<script>Alert (" you see me!" )</script>
Copy the code

Since the message board is cached on the server for everyone to see, this script is triggered when the user opens the message page.

Non-persistence is reflective XSS, where the user is redirected back to a trusted website after some malicious link, but because the malicious link carries some offensive form information, it is carried back by the redirected website, and then executed in the user interface. Because the script is triggered by the user and the server is just a staging post, which is then brought back to the page, it is called reflective XSS. After being “reposted” by trusted servers, scripts from malicious sites become trusted data and are then executed.

For example, a malicious link carries script code:

<a
   href="Http://192.168.1.102/xss/example.php? name=hey!" ) < /script>Word-wrap: break-word! Important; "> < p style = "max-width: 100%</a>
Copy the code

And some attackers use http://192.168.1.102/xss/example.php this page open logic, know the name parameter will be inserted into the page and then write the aggressive induced links, then when the user clicks to trigger design good script code.

Finally, DOM-based XSS is not common, as it is often the case that the browser environment has been maliciously tampered with, resulting in the execution of malicious code on certain pages.

harm

If the script is executed on the page, the worst case scenario is that all the information on the page is captured, or even faked as a user interacting with the server to do even more damage. Generally speaking, there are the following aspects of harm:

  • Obtain privacy data: customer cookies, session and other website information
  • DOS attack: Sends requests to the server, occupying server resources and preventing users from accessing the server
  • Modifying Page Information
  • Traffic hijacking. Link to other sites, further malicious control or other operations.

How do I prevent XSS attacks

From the point of view of XSS attacks, the causes of script execution are two aspects, one is the server receives the script, but did not identify, keep client trust condition, the second is the browser itself not to identify the script, we found that the malicious script execution basic it is to operate the DOM to set out, and the operation of the DOM is can be controlled by the client. Therefore, PREVENTION of XSS comes from both the server and client sides.

There are different ways to deal with different scripting attacks, and some attacks may not have emerged yet, but layer upon layer checks are what we can do:

  • Translation of uploaded user data: client translation or input restriction; The server side should also be translated to avoid slipping through the net.

  • Be extremely careful with DOM manipulation: Scripting languages often take advantage of DOM manipulation irregularities, and have explicit control over where the DOM comes from.

  • Example Set the CSP security policy. Strict CSP Settings can

    • Prohibit loading outfield code to prevent complex attack logic.

    • Prohibit submission from the outdomain. After a website is attacked, user data will not be leaked to the outdomain.

    • Forbid inline script execution (strict rules, currently found to be used on GitHub).

    • Disable unauthorized script execution (new feature, in use with Google Map Mobile).

    • Proper use of reports can discover XSS in a timely manner, which helps to rectify problems as soon as possible.

      See Content Security Policy (CSP) – MDN for more details.

  • Enhance the protection of sensitive data and submit attack threshold: For example, http-only is used in cookies to prevent scripts from obtaining privacy information, and authentication operations are set to increase the threshold of script attack.

  • Active detection: use XSS attack detection tools to scan website data for XSS vulnerabilities.

Extension: XSS attack mini-game

Here are a few examples of XSS attacks that developers have deliberately left common XSS vulnerabilities on their websites. Players submit the corresponding input on the web page and complete the XSS attack to complete the game.

  • alert(1) to win
  • prompt(1) to win
  • XSS game

Reference:

  • Cross-site Scripting (Cross-site Scripting attacks) – MDN

  • Talk about XSS attacks – Zhihu

  • Front-end Security Series 1: How do I Prevent XSS attacks?

Key words: browser security, XSS

The sum of two Numbers

Find the two subscripts of a given array and the specified number. Input: nums = [2,7,11,15], target = 9 output: [0,1]Copy the code

The brute force solution is easy to think of, just go through the set of numbers and add them up to see if they’re equal to the target.

We find that the key statement is nums[I] + nums[j] == target, so we need to know that we know both I and j, so we have to traverse the array twice.

In fact, this key expression can be converted to the difference: nums[I] == target-nums [j]. If the difference between the target value and the subscript j is the value of num[I], we usually iterate over the value of nums[I], so that when the appropriate NUMs [j] can match, we only need to iterate over the array once.

Reference code:

/ * * *@param {number[]} nums
 * @param {number} target
 * @return {number[]}* /
 var twoSum = function(nums, target) {
    const map = new Map(a);// Store the traversed data
    for(let i  = 0; i < nums.length; i++) {
        const diff = target - nums[i];
        if(map.has(diff)) {
            return[map.get(diff), i]; } map.set(nums[i], i); }}Copy the code

Key words: transformation solution ideas, similar