Web Security Questions

Web Safety

One, the Web attack technology that you know

(1) XSS attack

(2) CSRF attack

(3) Cyber hijacking attacks

(4) Console injection code

(5) Fishing

See more: http://blog.csdn.net/fengyinchao/article/details/52303118

Second, how to prevent XSS attacks?

(1) Escaping the front-end output data

(2) Escape the \ Backslash in the output string

(3) The information obtained from the URL prevents the method from being fetched by the backend, and then outputs after the front end is escaped.

(4) Protect the cookie by using the HttpOnly attribute of the cookie

See more: http://blog.csdn.net/fengyinchao/article/details/52303118

Third, there is no use of encryption in the project, which encryption algorithm?

Not used in the project, but I know several cryptographic algorithms:

(1) RSA encryption

(2) MD5 encryption

(3) SHA256 encryption

Iv. talking about the segmented transmission and rendering of web pages

From the following aspects:

(1) chunked code

(2) Bigpipe

(3) Segmented transmission and bigpipe application scenarios

See more: 1190000005989601? ea=984496

Five, Baidu Mobile home second Open is how to do?

Optimize from several aspects:

(1) Static file placement

(2) Cache

(3) Outer chain

(4) Caching DOM

(5) Using Iconfont

(6) Asynchronous loading and caching of Cards

(7) Not on the first screen will be asynchronous

(8) The domain name of a small number of static files

See more: 1190000005882953

Six, the front-end speed statistics (performance statistics) How to do?

Answer the following two questions:

(1) What are the indicators of the website?

(2) How do you count these metrics on your website?

See more: https://segmentfault.eom/a/1190000005869953

Web Security Questions