Does HTML encoding prevent XSS security exploits?

后端 未结 3 1672
梦如初夏
梦如初夏 2021-02-13 20:10

By simply converting the following (\"the big 5\"):

& -> &
< -> <
> -> >
\" -> "
\' -> '
         


        
3条回答
  •  野性不改
    2021-02-13 20:41

    OWASP has a great cheat sheet.

    1. Golden Rules
    2. Strategies
    3. Etc.

    https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.md

提交回复
热议问题