随笔分类 - security

XSS(Cross-site scripting)

摘要：https://en.wikipedia.org/wiki/Cross-site_scripting same-origin policy (不能跨域）代码注入，比如留言，然后其他人回复的时候就可以通过js获取信息并传送至指定的服务器阅读全文

posted @ 2023-08-25 16:31 zno2 阅读(38) 评论(0) 推荐(0)

HTTP Basic Authentication>> 401>> Using the browser’s native login prompt

摘要：https://docs.oracle.com/cd/E27515_01/common/tutorials/authn_http_basic.html http://blog.stevensanderson.com/2008/08/25/using-the-browsers-native-login 阅读全文

posted @ 2023-06-06 13:12 zno2 阅读(67) 评论(0) 推荐(0)

zno2

随笔分类 - security

XSS(Cross-site scripting)

HTTP Basic Authentication>> 401>> Using the browser’s native login prompt

导航