计算机与现代化 ›› 2011, Vol. 1 ›› Issue (8): 174-178.doi: 10.3969/j.issn.1006-2475.2011.08.048

• 信息安全 • 上一篇    下一篇

防范XSS攻击的研究综述

刘 海1,徐 芳2,郭 帆2

  

  1. 1.江西服装学院计算机教研室,江西 南昌 330201; 2.江西师范大学计算机信息工程学院,江西 南昌 330022
  • 收稿日期:2011-06-08 修回日期:1900-01-01 出版日期:2011-08-10 发布日期:2011-08-10

Research on Prevention of XSS Attack

LIU Hai1, XU Fang2, GUO Fan2   

  1. 1. Department of Computer, Jiangxi Institute of Fashion Technology, Nanchang 330201, China;2. School of Computer and Information Engineering, Jiangxi Normal University, Nanchang 330022, China
  • Received:2011-06-08 Revised:1900-01-01 Online:2011-08-10 Published:2011-08-10

被引次数

11

摘要: 跨站脚本(XSS)漏洞是近年来报道最多的一种Web应用程序安全漏洞。目前对其防范研究工作还比较少。本文主要针对防范XSS攻击的研究工作进行综述,包括分析和比较目前各种防范XSS攻击的措施,并指出各种防范措施的优缺点,最后提出一种防范XSS攻击的架构。

关键词: Web安全, 跨站脚本, 防范

Abstract: Cross site scripting loophole is a kind of Web application security loophole, which is reported mostly these years. At present, there are few researches on such subject. This article summarizes how to keep watch XSS attack, including analyzing and comparing all kinds of existent measures for XSS attack, listing the advantages and disadvantages of all kinds of precautionary measures, finally putting forward a kind of schema to keep watch XSS attack.

Key words: Web safety, cross site scripting, prevention

中图分类号: 

版权所有 © 《计算机与现代化》编辑部
地址:江西省南昌市西湖区井冈山大道1416号 邮编:330003
电话:0791-86490996  传真:0791-86492535  Email:jgsdd@163.com
本系统由北京玛格泰克科技发展有限公司设计开发