A summary of security vulnerabilities in Tomcat-based Web project

1 Check tool: Acunetix Web vulnerability Scanner V9 cracked version

2 Check the vulnerability description results show:

2.1 HTML Form without CSRF Protection

2.2 Slow_http_dos

2.3 If possible, you should set the SECURE flag for this cookie

2.4 If possible, you should set the HTTPONLY flag for this cookie

Such as:

3 Security vulnerability Resolution

3.1 HTML Form without CSRF Protection solution:

As the case may be, csrf generally occurs when the form login, the login submission, the processing process can generally be summed up on the login.jsp page randomly generated a string, set to the session session of the custom variables,

Then, in the form form, hide an input YTPE = "hidden" element that holds this value, which is as follows:

login.jsp********

<% @page import= "Java.util.UUID"%>
<%

Deal with CSRF
String uuid = Uuid.randomuuid (). toString (). ReplaceAll ("-", "");
Request.getsession (). SetAttribute ("Randtxt", uuid);

%>

<form id= "Welcomeaction_login" name= "Login" action= "welcomeaction_login.do" method= "POST" >

....

<input type= "hidden" name= "randsesion" value = "<%=request.getsession (). getattribute (" Randtxt ")%>"/>
......

</form>

Note : When the form is submitted, the form must be written at the head: action= "welcomeaction_login.do" method= "POST", otherwise it will lead to other related intermediate issues

3.2 Slow_http_dos Solutions:

Principle: Slow read attacks through concurrent connection pooling (based on TCP persistence time), and so on. Slow attacks are based on the HTTP protocol, which, through careful design and construction, can cause server delays, which can result in a denial of service when the server's load capacity is too high

Solution:
1 set Tomcat/server.xml file ConnectionTimeout value, default is 20000ms, modified to 8000ms (Tomcat Self Security vulnerability)

2 Set the global timeout time for Ajax (default is 30000ms) $.ajaxsetup ({timeout:8000});

3.3 If Possible, you should set the "Secure flag for this" Cookie,set the HTTPONLY flag for this cookie solution:
1 (Tomcat Self-security vulnerability) settings settings Tomcat/web.xml file:

<session-config>
<session-timeout>30<session-timeout>
<cookie-config>
<secure>true<secure>
</cookie-config>
<session-config>
2 in Login. JSP Main Page Join:
Response.setheader ("Set-cookie", "jsessionid=" + SessionID + "; secure; HttpOnly ");

4 ****** involves content and websites:

1 CSRF Popular http://www.cnblogs.com/hyddd/archive/2009/04/09/1432744.html

2 csrf a workaround: http://jingyan.baidu.com/album/597a0643671e6a312b524305.html

3 Set the SECURE flag for this Cookie:https://www.owasp.org/index.php/secureflag

4 Set the HTTPONLY flag for this cookie:http://coffeesweet.iteye.com/blog/1271822

A summary of security vulnerabilities in Tomcat-based Web project