发表新帖
发表新帖

Spring MVC : How to Protect Application from CSRF and XSS

后端 未结
关注
3 1986
难免孤独
难免孤独 2021-02-04 21:55

What is the best way to protect our Spring MVC application from CSRF and XSS.

Is there native Spring MVC support for this?

3条回答
  • 名媛妹妹
    名媛妹妹 (楼主)
    2021-02-04 22:23

    Here is a blog about it.

    http://blog.eyallupu.com/2012/04/csrf-defense-in-spring-mvc-31.html

    another one.

    http://web.securityinnovation.com/appsec-weekly/blog/bid/79007/How-to-Prevent-Cross-Site-Request-Forgery-CSRF-in-SpringMVC

    For token generation esapi can be used. https://code.google.com/p/owasp-esapi-java/

    0 讨论(0)
 看不清?
提交回复
热议问题