In addition to handling traditional threats, a mashup application or web page must address such issues as cross-site scripting (XSS) and cross-site request forgery (CSRF), among others.
除了处理传统威胁外,混搭应用程序或web页面必须解决跨站点脚本编写(XSS)和跨站点请求伪造(CSRF)等问题。
Jacob gave examples of some of the vulnerabilities like Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), HTTP Response Splitting, Session Fixation, and SQL Injection.
Jacob对其中的一些弱点给出了示例,像跨站点脚本攻击(XSS)、跨站点伪造请求(CSRF)、HTTP响应分割、会话固定攻击以及SQL注入攻击等等。
应用推荐