Basic questions
- What is the principle of a SQL injection attack, and how is it defended against?
- A SQL injection attack tricks the server into executing malicious SQL by inserting SQL commands into the input of a submitted Web form, or into the query string of a domain name or page request.
- For the prevention of SQL injection attacks, I think the main point is to start with the code:
- Use precompiled statements (PreparedStatement), which defeat SQL injection as long as values are passed through the setXxx methods. The principle: SQL injection only has a destructive effect during the preparation (compilation) of the SQL statement. Once a PreparedStatement has been prepared, the execution phase treats the input string purely as data and no longer parses it as part of the statement, so the injection problem is avoided.
- Use regular expressions to filter incoming parameters for keywords typical of SQL injection: implement a string-filtering method, call it from the JSP to check for illegal characters, and so prevent SQL from being injected through the URL.
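The preparation-versus-execution point above, as an added example that is not part of the original report: it uses Python's sqlite3 parameter binding (the same mechanism as JDBC's PreparedStatement.setString) with a constructed in-memory users table, and contrasts it with string concatenation.

```python
import sqlite3

# Constructed sample data standing in for the Web site's user table.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    conn.commit()
    return conn

def login_concat(conn, name, password):
    """Vulnerable: untrusted input is spliced into the SQL text, so it is
    parsed as part of the statement during preparation."""
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    return sorted(row[0] for row in conn.execute(sql))

def login_prepared(conn, name, password):
    """Hardened: the statement is prepared with placeholders first; the
    input is bound afterwards and handled purely as data, so it can never
    change the statement's structure."""
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(sql, (name, password)))

def demo():
    """Run both variants with a constructed input that closes the string
    literal. The concatenated query matches every user; the prepared query
    looks for a user whose password is literally that string and finds none."""
    conn = make_db()
    crafted = "' OR '1'='1"
    return login_concat(conn, "anyone", crafted), login_prepared(conn, "anyone", crafted)

if __name__ == "__main__":
    vulnerable, hardened = demo()
    print("concatenated query returned:", vulnerable)
    print("prepared query returned:    ", hardened)
```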
- What is the principle of an XSS attack, and how is it defended against?
- XSS is a form of code injection: a malicious user injects code into a Web page, the browser executes it, and other users are affected when they view the page. Such attacks typically use HTML and client-side scripting languages. The main purpose of an XSS attack is to find a way to obtain the cookie of the targeted website, because the cookie is equivalent to the session: with it, the attacker can log in to the site from any PC connected to the Internet and do damage under someone else's identity. XSS can be defended against in two ways: filter the required parameters before the form is submitted or the URL parameters are passed, checking the user's input for illegal content such as angle brackets and quotation marks; and strictly control the output.
- What is the principle of a CSRF attack, and how is it defended against?
- We know that XSS is a cross-site scripting attack that executes the attacker's script in the user's browser to obtain information such as the user's cookie. CSRF, by contrast, borrows the user's identity to send a request to the Web server; because the request is not intended by the user, it is called "cross-site request forgery".
- CSRF can also be defended against from the following aspects: detect user submissions through the Referer header, a token, or a verification code; try not to expose the user's private information in page links, and preferably use POST for operations such as modification and deletion; and set the domain of the cookie strictly.
Practice Process
20145235 Li Tao "Cyber Confrontation" EXP9 Web Security Fundamentals Practice