| 1. | Xss attacks are a very real danger
Xss攻击是很实际的危险。 |
| 2. | By validating all foreign data as it enters and exits your application , you will mitigate a majority of xss concerns
通过过滤应用程序所有的输入输出数据,你就能够减轻绝大部分xss风险。 |
| 3. | Dynamic web sites have a threat that static web sites don t , called " cross - site scripting , " also known as " xss .
动态网站存在着一个称为“跨站点脚本编制” (也称为“ xss ” )的威胁,而这是静态网站所没有的。 |
| 4. | Handling xss can be quite tricky , so i m going to avoid talking about that here see the sidebar for useful resources though
对xss的处理很有技巧性,所以在这里我不便多讲(不过可以从侧栏找到有用的参考资料) 。 |
| 5. | Since attackers are usually trying to add malicious scripts , this particular variation is called a " cross - site scripting attack " xss attack
由于攻击者通常是试图添加恶意的脚本,因些这种变化被称为"交叉站点脚本攻击" ( xss攻击) 。 |
| 6. | Xss is a similar kind of problem ; this time , the untrusted data is targeted at the people browsing your site , rather than your application itself
Xss也是一个类似的问题。不过这一次不受信任的数据瞄准的是浏览站点的人们,而不是应用程序本身。 |
| 7. | Be especially wary of any tag that causes the user to immediately load another file , such as the image tag - those tags are perfect for xss attacks
特别需要注意的是任何让用户立即加载另一个文件的标签,比如image标签那些标签非常适合xss攻击。 |
| 8. | Through these interactions , our xss custom tag library will be able to apply the " custom " action of encoding the dynamic data found on a jsp page
通过这些交互,我们的xss定制标记库就能应用“定制”操作,这种操作编码在jsp页面上找到的动态数据。 |
| 9. | Cross site scripting , or xss , flaws are a subset of user validation where a malicious user embeds scripting commands - - usually javascript - - in data that is displayed and therefore executed by another user
跨站脚本攻击或者xss ,是恶意用户利用验证上的漏洞将脚本命令嵌入到可以显示的数据中,使其在另一个用户浏览时可以执行这些脚本命令。 |
| 10. | Cross site scr pting , or xss , flaws are a subset of user validation where a malicious user embeds scr pting commands - - usually javascr pt - - in data that is displayed and therefore executed by another user
跨站脚本攻击或者xss ,是恶意用户利用验证上的漏洞将脚本命令嵌入到可以显示的数据中,使其在另一个用户浏览时可以执行这些脚本命令。 |
