PHP vulnerability solution (IV) - XSS cross-site scripting

Source: Internet
Author: User

XSS is the abbreviation for Cross-Site Scripting; it is written XSS rather than CSS to avoid confusion with Cascading Style Sheets (CSS).

Cross-site scripting is mainly used by attackers to read the cookies or other personal data of a website's users. Once an attacker has obtained that data, he can impersonate the user, log on to the website and obtain that user's permissions.

Common steps for cross-site scripting attacks:

1. The attacker sends the target user an HTTP link containing the XSS payload in some way.

2. The target user logs on to the website and, while logged in, opens the link sent by the attacker.

3. The website executes the XSS attack script.

4. The target user's page jumps to the attacker's website, and the attacker obtains the target user's information.

5. The attacker uses the target user's information to log on to the website, completing the attack.

When a program has a cross-site scripting vulnerability, the attacker can construct a link such as http://www.sectop.com/search.php?key= with a script appended to the key parameter. Once the user clicks it, the attacker obtains the user's cookie value.

Defense methods:

Use the htmlspecialchars function to convert special characters into their HTML encoding.

Function prototype:

string htmlspecialchars(string $string, int $quote_style, string $charset)

$string is the string to be encoded.

$quote_style is optional. Its value can be ENT_COMPAT, ENT_QUOTES or ENT_NOQUOTES. The default is ENT_COMPAT, which converts only double quotation marks and leaves single quotation marks alone. ENT_QUOTES converts both double and single quotation marks. ENT_NOQUOTES converts neither double nor single quotation marks.

$charset is optional and names the character set used.

The function converts the following special characters into HTML entities:

& --> &amp;

" --> &quot;

' --> &#039; (only with ENT_QUOTES)

< --> &lt;

> --> &gt;
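The following is an added example, not code from the original article: a minimal search.php that reflects the key parameter, first unsafely and then hardened with htmlspecialchars as the article recommends. The file and parameter names follow the article; the function names (render_result_unsafe, render_result_safe, esc, encode_with) and the sample input are my own. The hardened version passes ENT_QUOTES explicitly because the default quote style was ENT_COMPAT until PHP 8.1, which changed the default to ENT_QUOTES.

```php
<?php
// Added example: reflecting a search term in search.php, unsafe and hardened.
// Function names and the sample payload are constructed for this demonstration.
declare(strict_types=1);

// Unsafe: the raw parameter is written straight into the HTML body, so any
// tags inside it are parsed by the browser.
function render_result_unsafe(string $key): string
{
    return "<p>Results for: " . $key . "</p>";
}

// Hardened: encode &, <, >, " and ' before the value reaches the browser.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid UTF-8
// instead of returning an empty string; naming the charset avoids depending
// on the default_charset ini setting.
function esc(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function render_result_safe(string $key): string
{
    return "<p>Results for: " . esc($key) . "</p>";
}

// The quote_style argument from the article: only ENT_QUOTES encodes both
// quote characters, which matters when a value lands inside a quoted attribute.
function encode_with(int $flags, string $value): string
{
    return htmlspecialchars($value, $flags, 'UTF-8');
}

// Constructed sample input: the kind of value that would be placed in the
// key parameter of the link described in the article.
$sample = '<script>alert(document.cookie)</script>';

echo render_result_unsafe($sample), PHP_EOL;   // tags reach the browser intact
echo render_result_safe($sample), PHP_EOL;     // tags are rendered as text

$quoted = 'a"b\'c';
foreach (['ENT_COMPAT' => ENT_COMPAT, 'ENT_QUOTES' => ENT_QUOTES, 'ENT_NOQUOTES' => ENT_NOQUOTES] as $name => $flags) {
    printf("%-12s %s\n", $name, encode_with($flags, $quoted));
}

// In the real page the value comes from the query string:
// $key = $_GET['key'] ?? '';
// echo render_result_safe($key);
```

Run it from the command line with `php search.php` to compare the three outputs. The escaping must be applied at output time, in the context where the value is written (here an HTML body); the same function is not sufficient on its own for values placed inside JavaScript or URLs.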

$_SERVER["PHP_SELF"] variable cross-site scripting

In a form that submits its parameters back to the same page, this variable is commonly used for the form's action.

The value of $_SERVER["PHP_SELF"] is the name of the current page.

Example:

The page http://www.sectop.com/get.php contains a form whose action attribute is generated from $_SERVER["PHP_SELF"].

If we then request

http://www.sectop.com/get.php/ followed by extra path text that closes the attribute and opens a script tag,

the extra text is carried into $_SERVER["PHP_SELF"], so the form's action attribute now contains it, followed by the original `" method="POST">`.

The XSS script has been inserted into the page.

The defense is to filter the variable with htmlspecialchars before outputting it, or to submit the form to a fixed, hard-coded file name instead.

This prevents cross-site scripting through the $_SERVER["PHP_SELF"] variable.
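The following is an added example, not code from the original article: a self-submitting form in get.php whose action attribute is built from $_SERVER["PHP_SELF"], shown unsafe and then with both fixes the article names. The function names (form_unsafe, form_escaped, form_fixed_action, esc, attribute_is_intact) and the sample request path are my own constructions; get.php is the file name from the article.

```php
<?php
// Added example: the PHP_SELF form problem and its two fixes.
// Function names and the sample path are constructed for this demonstration.
declare(strict_types=1);

function esc(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Unsafe: PHP_SELF includes any extra path the client appends, so a request
// for /get.php/<extra> places <extra> inside the action attribute unencoded.
function form_unsafe(string $phpSelf): string
{
    return '<form action="' . $phpSelf . '" method="POST">'
         . '<input name="q"><input type="submit"></form>';
}

// Fix 1: encode the variable on output so quotes and angle brackets cannot
// close the attribute or start a new tag.
function form_escaped(string $phpSelf): string
{
    return '<form action="' . esc($phpSelf) . '" method="POST">'
         . '<input name="q"><input type="submit"></form>';
}

// Fix 2: do not derive the action from the request at all; submit to a
// fixed file name.
function form_fixed_action(): string
{
    return '<form action="get.php" method="POST">'
         . '<input name="q"><input type="submit"></form>';
}

// Simple check usable in a unit test: the template intentionally emits four
// tags (<form>, two <input>, </form>); any additional '<' means markup was
// injected through the action value.
function attribute_is_intact(string $html): bool
{
    return substr_count($html, '<') === 4;
}

// Constructed request path: get.php followed by extra path segments that
// close the attribute and open a new element, as described in the article.
$phpSelf = '/get.php/"><b>injected</b><span x="';

echo form_unsafe($phpSelf), PHP_EOL;
echo form_escaped($phpSelf), PHP_EOL;
echo form_fixed_action(), PHP_EOL;

var_dump(attribute_is_intact(form_unsafe($phpSelf)));
var_dump(attribute_is_intact(form_escaped($phpSelf)));
var_dump(attribute_is_intact(form_fixed_action()));

// In the real page the value comes from the web server:
// echo form_escaped($_SERVER['PHP_SELF']);
```

Of the two fixes, the fixed action is the stronger one because it removes the attacker-controlled input from the template altogether; escaping is still required wherever request data must be echoed.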
