我目前正试图打破我们代码的一些遗留领域。
Acunetix报告说:
HTTP标头输入Referer设置为
http://www.google.com/search?hl=en&q=testing'"()&%<acx><ScRiPt>w4wD(9628)</ScRiPt>
HTTP请求
GET /get/activity HTTP/1.1
Referer: http://www.google.com/search?hl=en&q=testing'"()&%<acx><ScRiPt >w4wD(9628)</ScRiPt>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Client-IP: 127.0.0.1
X-Forwarded-For: 127.0.0.1
X-Forwarded-Host: localhost
Accept-Language: en
Via: 1.1 wa.www.test.com
Origin: http://www.test.com/
Cookie: login%5Fcsrf=78FB0E23%2D2AF0%2D4D93%2D80F4%2DA4167982CAFD; ASPSESSIONIDQETDADBA=MBDPBIFBEHIJLCHMLDEDMNMA; UID=19B75396%2DF73B%2D4ED1%2D811F%2DFC3521BD9A66; linkedin%5Ftoken%5Fexpires=3%2F24%2F2015+3%3A03%3A43+PM; facebook%5Ftoken%5Fexpires=3%2F24%2F2015+3%3A03%3A43+PM; addevent_track_cookie=331dac94-8056-4853-6db4-d32779751626; CTK=1aei06d81bqp7fo4; ctkgen=1; JSESSIONID=DF0E35299D9A599B9B0FD9DAD011EF5E.jasxA_sjc-job20; BIGipServerjob_sjc=!0DQ3jSiLSSml/YlyPyTRGq9gi+rS3RzqpnSdGp+a4H86AStK8uZDXAHW1mcqwBzEsumzwo03rHdXGPY=; TS01d65e80=0139b1f9976b1c645e29362f9a324ea4394c66891bedf6b36ad06108f69b2908405c0edb721888a6b580f3edeeb5e573a8bbfbda4bd1cc23e2b69d6cc521b5abfb63ea49f961518bdc077c30ef41459aa792c942cf87918cf68dbe681a51068a117b375546; TS01c598d3=0139b1f9974322379e22f1fe5fab0db4a57096201eed85463ee289670f78e8c4a2d79535beb14d5b117120b5303b71298697559647a203ebc955633196690dbc6e72e0887b; RF="HvVEPZ1apChPBHfT6ywcEvzxuORi22TF2TITLDoQJ6BzIuMxqjLlugZ07BmLw45FGmf4cAjw1_8SlVMGKF-s1g=="; INDEED_CSRF_TOKEN=kC3qOut72kVW3yfdd6fEn3sQrnmzv1n6
Host: dev.qweqwe.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
Accept: */*
响应标题
HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Length: 2019
Content-Type: text/html; Charset=utf-8
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Wed, 23 Mar 2016 20:02:13 GMT
如何通过referer缓解此攻击?
答案 0 :(得分:1)
每个跨站点脚本漏洞都是独一无二的,具体取决于问题的背景,因此您对XSS攻击的最佳防御是定制使用以下两种方法:
<和>),不会被浏览器错误地解释为HTML。有大量的资源可以获得更多信息,但这里有一些我觉得有帮助: