发表新帖
发表新帖

Does HTML encoding prevent XSS security exploits?

后端 未结
关注
3 1653
梦如初夏
梦如初夏 2021-02-13 20:10

By simply converting the following (\"the big 5\"):

& -> &
< -> <
> -> >
\" -> "
\' -> '
3条回答
  • 野性不改
    野性不改 (楼主)
    2021-02-13 20:41

    OWASP has a great cheat sheet.

    1. Golden Rules
    2. Strategies
    3. Etc.

    https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.md

    0 讨论(0)
 看不清?
提交回复
热议问题