发表新帖
发表新帖

Attempted exploit?

后端 未结
关注
4 1298
春和景丽
春和景丽 2021-02-14 04:53

I saw that my nopCommerce site had a logged search for:

ADw-script AD4-alert(202) ADw-/script AD4-

I\'m a bit curious though what they were try

4条回答
  • 别那么骄傲
    别那么骄傲 (楼主)
    2021-02-14 05:33

    If you want to be safe from these types of Injections, you must specify a Content-Type.

    Try to put the Content-Type in headers instead of meta tags if possible. If you want to do it in php, you can do

    at the top of your php application. If for some reasons you can't do it, you can put it in your meta tags:

    

    
        
        ....Rest of your page

    0 讨论(0)
 看不清?
提交回复
热议问题