Common Web Attack Techniques - XSS

Author: 迦叶_金色的人生_荣耀而又辉煌 | Published 2020-11-17 08:31


An XSS attack injects JavaScript into a page, most often through form submissions such as comments. The injected script can do anything: for example, read the local cookie and send it to the attacker's server.
Firefox is the better browser for demonstrating the effect; Chrome caches aggressively, which gets in the way.

<script>alert('sss')</script>
<script>window.location.href='http://www.baidu.com';</script>

Remediation approach:
Escape the special characters in script input such as <script>alert('sss')</script>, so the browser renders it as text instead of executing it.

  • a. Write a filter that intercepts every parameter read through getParameter.
  • b. Override the HttpServletRequestWrapper method so that special characters in parameters are converted to HTML entities before the value is stored.
// Conversion class (XssHttpServletRequestWrapper.java): escapes every parameter value on read
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;

public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
    // HttpServletRequestWrapper has no no-arg constructor, so the wrapped request must be passed in
    public XssHttpServletRequestWrapper(HttpServletRequest request) {
        super(request);
    }

    @Override
    public String getParameter(String name) {
        // Read the original, unescaped parameter value
        String oldValue = super.getParameter(name);
        System.out.print("Original parameter: " + oldValue);
        if (!StringUtils.isEmpty(oldValue)) {
            // 3. Convert special characters to HTML entities with StringEscapeUtils.escapeHtml
            //    (commons-lang 2.x; commons-lang3 names the same method escapeHtml4)
            oldValue = StringEscapeUtils.escapeHtml(oldValue);
            System.out.println(" -> escaped: " + oldValue);
        }
        System.out.println();
        return oldValue;
    }
}

// Filter (XssFilter.java): intercepts every request and swaps in the wrapper
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

// On Servlet API versions before 4.0, empty init() and destroy() methods must be added as well
public class XssFilter implements Filter {
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        // How the program defends against XSS:
        // 1. The filter intercepts all parameters
        HttpServletRequest req = (HttpServletRequest) request;
        // 2. The wrapper overrides getParameter
        XssHttpServletRequestWrapper xssHttpServletRequestWrapper = new XssHttpServletRequestWrapper(req);
        // Let the request continue down the chain, carrying the wrapped request
        chain.doFilter(xssHttpServletRequestWrapper, response);
    }
}
  • c. Keyword filtering

"javascript", "window.location", "window.", ".location", "document.cookie", ".cookie",
"document.", "alert(", "window.open", "<script>", "</script>", "noscript", "confirm(",
"prompt", "oncontrolselect", "oncopy", "oncut", "ondataavailable", "ondatasetchanged",
"ondatasetcomplete", "ondblclick", "ondeactivate", "ondrag", "ondragend", "ondragenter", "ondragleave",
"ondragover", "ondragstart", "ondrop", "onerror", "onerroupdate", "onfilterchange", "onfinish",
"onfocus", "onfocusin", "onfocusout", "onhelp", "onkeydown", "onkeypress", "onkeyup",
"onlayoutcomplete", "onload", "onlosecapture", "onmousedown", "onmouseenter", "onmouseleave",
"onmousemove", "onmousout", "onmouseover", "onmouseup", "onmousewheel", "onmove", "onmoveend",
"onmovestart", "onabort", "onactivate", "onafterprint", "onafterupdate", "onbefore",
"onbeforeactivate", "onbeforecopy", "onbeforecut", "onbeforedeactivate", "onbeforeeditocus",
"onbeforepaste", "onbeforeprint", "onbeforeunload", "onbeforeupdate", "onblur", "onbounce",
"oncellchange", "onchange", "onclick", "oncontextmenu", "onpaste", "onpropertychange",
"onreadystatechange", "onreset", "onresize", "onresizend", "onresizestart", "onrowenter", "onrowexit",
"onrowsdelete", "onrowsinserted", "onscroll", "onselect", "onselectionchange", "onselectstart",
"onstart", "onstop", "onsubmit", "onunload", "onhaschange", "onmessage", "onoffline", "ononline",
"onpagehide", "onpageshow", "onpopstate", "onredo", "onstorage", "onundo", "onformchange",
"onforminput", "oninput", "oninvalid", "onmouseout", "onmouseover", "oncanplay", "oncanplaythrough",
"ondurationchange", "onemptied", "onended", "onloadeddata", "onloadedmetadata", "onloadstart",
"onpause", "onplay", "onplaying", "onprogress", "onratechange", "onseeked", "onseeking", "onstalled",
"onsuspend", "ontimeupdate", "onvolumechange", "onwaiting", "eval(", "setTimeout", "setInterval"

Related article links:
<<<Common Web Attack Techniques - SQL Injection
<<<Common Web Attack Techniques - HTTP Request Hotlink Protection
<<<Common Web Attack Techniques - CSRF Attacks
<<<Common Web Attack Techniques - File Upload Vulnerabilities
<<<Common Web Attack Techniques - Forgot Password
<<<Common Web Attack Techniques - Other Vulnerabilities
<<<Security Techniques - Data Encryption / Authentication
<<<Security Techniques - HTTPS Essentials
<<<Security Techniques - Interface Idempotency Design
<<<Security Frameworks - Spring Security
<<<Security Frameworks - JWT
<<<Security Frameworks - OAuth2
<<<Overall Security Architecture Design

Article link: https://www.haomeiwen.com/subject/roqtiktx.html