跨站点脚本攻击带来了巨大的风险。
跨站点脚本编制的威胁。
我建议你阅读如何防止跨站点脚本在ASP。
I recommend you read How To: Prevent Cross-Site Scripting in ASP.
这个安全限制是为了避免跨站点脚本攻击(XSS)。
This security restriction is to avoid cross-site scripting attacks (XSS).
这可以防止跨站点脚本,一个令人讨厌的攻击方法。
该脚本容易受跨站点脚本攻击,因为它盲目输出所提交的表单数据。
This script is vulnerable to cross-site scripting attacks because it blindly prints out submitted form data.
在Wikipedia了解有关跨站点脚本 的更多信息。
对于跨站点脚本预防情况,您需要过滤掉浏览器支持的脚本语言的转义字符。
In the case of cross-site scripting prevention, you need to filter out the escape characters for the scripting languages supported by the browser.
包括一些额外的安全硬伤,比如阻止跨站点脚本,这些只能由管理员触发。
Contains some additional security hardening, like preventing cross-site scripting that could be triggered only by administrators.
当攻击者向用户提交的动态表单引入恶意脚本时,就会产生跨站点脚本(XSS)攻击。
When an attacker introduces a malicious script to a dynamic form submitted by the user, a cross-site scripting (XSS) attack then occurs.
本文中,我们讨论了攻击者如何使用跨站点脚本编制作为对网站发动攻击的技术。
In this article, we discussed how attackers use cross-site scripting as a technique to launch attacks against Web sites.
统计数据说明,黑客完全有能力使用跨站点脚本等技术突破防御边界,到达数据库。
Statistics show that hackers are skilled at using techniques such as cross-site scripting to penetrate perimeter defenses and reach the database.
当攻击者知道某一网站上的应用程序易受跨站点脚本编制攻击后,他就可以规划攻击。
After an application on a Web site is known to be vulnerable to cross-site scripting, an attacker can formulate an attack.
通常,这是一种很好的行为,因为它防止了在访问网页时跨站点脚本安全性隐患的发生。
Normally, this is a very good behavior because it prevents cross-site scripting security vulnerabilities from occurring when you access pages on the Web.
保护跨站点脚本(Cross - site scripting,XSS)漏洞。
商业站点上每月都会发现跨站点脚本编制的攻击,并且每月都会发布解释这种威胁的报告。
Every month cross-site scripting attacks are found in commercial sites and advisories are published explaining the threat.
跨站点脚本攻击使黑客能够将恶意脚本嵌入到访问者的浏览器中,然后执行该脚本收集数据。
Cross-site scripting attacks allow hackers to embed a malicious script on your visitor's browser and then execute the script in order to gather data.
跨站点脚本编制将服务器应用程序置于危险之中,这些危险包括(但不限于)以下几种情况。
Cross-site scripting poses server application risks that include, but are not limited to, the following.
通过将代码放在服务器端,减少了通过跨站点脚本、SQL注入等手段进行恶意活动的风险。
By keeping the code server side, you reduce the risk of any malicious activity through cross-site scripting, SQL injection, and so on.
跨文档进行绑定的安全问题:当前的动态/Ajax解决方案中的限制防止跨站点脚本编制。
Security issues when binding cross-documents: Limitations in the current dynamic/Ajax solutions prevent cross-site scripting.
可编辑数据验证——为了去除跨站点脚本和SQL注入攻击,HDIV分析所有的可编辑数据域。
Editable Data Validation - HDIV analyzes all editable fields to remove cross-site scripting and SQL injection attacks.
AjaxChat还具有安全性,能够防止代码注入、SQL注入、跨站点脚本攻击、会话偷窃以及其他攻击。
Ajax Chat has security in mind to prevent code injections, SQL injections, cross-site scripting, session stealing, and other attacks.
在扫描阶段,攻击者可能会利用路径遍历和跨站点脚本;在攻击阶段,黑客可能会利用SQL注入或远程文件包含进行攻击。
An attacker may use directory traversal and cross-site ccripting during a scan phase and then hit it with an SQL injection or an RFI in the exploit phase.
除了处理传统威胁外,混搭应用程序或web页面必须解决跨站点脚本编写(XSS)和跨站点请求伪造(CSRF)等问题。
In addition to handling traditional threats, a mashup application or web page must address such issues as cross-site scripting (XSS) and cross-site request forgery (CSRF), among others.
Jacob对其中的一些弱点给出了示例,像跨站点脚本攻击(XSS)、跨站点伪造请求(CSRF)、HTTP响应分割、会话固定攻击以及SQL注入攻击等等。
Jacob gave examples of some of the vulnerabilities like Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), HTTP Response Splitting, Session Fixation, and SQL Injection.
Jacob对其中的一些弱点给出了示例,像跨站点脚本攻击(XSS)、跨站点伪造请求(CSRF)、HTTP响应分割、会话固定攻击以及SQL注入攻击等等。
Jacob gave examples of some of the vulnerabilities like Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), HTTP Response Splitting, Session Fixation, and SQL Injection.
应用推荐