XSS Vulnerability in PHP scripts


Question

I have been searching everywhere to try and find a solution to this. I have recently been running scans on our websites to find any vulnerabilities to XSS and SQL Injection. Some items have been brought to my attention.

Any data which is user-inputted is now validated and sanitized using filter_var().

My issue now is with XSS and persons manipulating the URL. The simple one which seems to be everywhere is:

http://www.domainname.com/script.php/">< script>alert('xss');< /script >

This then changes some of the $_SERVER variables and causes all of my relative paths to CSS, links, images, etc. to be invalid, and the page doesn't load correctly.

I clean any variables that are used within the script, but I am not sure how I get around removing this unwanted data in the URL.

Thanks in advance.

Addition: This then causes a simple link in a template file:

<a href="anotherpage.php">Link</a>

to actually link to:

"http://www.domainname.com/script.php/">< script>alert('xss');< /script >/anotherpage.php

Recommended answer

To your concern about XSS: The altered URL won't get into your page unless you blindly use the related $_SERVER variables. The fact that the relative links seem to include the URL-injected script is a browser behavior that risks only breaking your relative links. Since you are not blindly using the $_SERVER variables, you don't have to worry.

To your concern about your relative paths breaking: Don't use relative paths. Reference all your resources with at least a root-of-domain path (starting with a slash), and this sort of URL corruption will not break your site in the way you described.
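The following Node.js script is an added example and is not part of the original question or answer. It reproduces both points of the answer on the question's own URL: the browser resolves the template's relative `anotherpage.php` link against the attacker's PATH_INFO segment and ends up with the broken link the asker saw, while a root-relative `/anotherpage.php` is unaffected; and the injected `<script>` only reaches the HTML when a `$_SERVER`-derived value is echoed unescaped. The `phpSelfFor()` function is an assumption that simulates `$_SERVER['PHP_SELF']` (decoded script path plus PATH_INFO); `htmlspecialchars()` is a minimal stand-in for PHP's function of the same name, and the `renderForm*` templates are constructed for the example.

```javascript
// Added example, not code from the original question or answer.
// Simulates, in Node.js, how a browser resolves relative links against the
// attacker's URL and why the injected script only lands in the page when a
// $_SERVER-derived value is echoed without escaping.

// Constructed attacker URL, taken from the question (the spaces in the
// original post are removed so the URL parses as an attacker would type it).
const ATTACK_URL =
  "http://www.domainname.com/script.php/\"><script>alert('xss');</script>";

// Browser behaviour: resolve an href against the document URL. Node's URL
// class implements the WHATWG URL parser, the same algorithm browsers use
// for <a href>, <link href> and <img src>.
function resolveLink(pageUrl, href) {
  return new URL(href, pageUrl).href;
}

// Assumption: simulates $_SERVER['PHP_SELF'], which the web server fills with
// the decoded script path plus PATH_INFO (everything after script.php).
function phpSelfFor(pageUrl) {
  return decodeURIComponent(new URL(pageUrl).pathname);
}

// Minimal equivalent of PHP's htmlspecialchars($s, ENT_QUOTES, 'UTF-8').
function htmlspecialchars(s) {
  return s
    .replace(/&/g, "&amp;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#039;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// "Blindly using $_SERVER": the classic
// <form action="<?php echo $_SERVER['PHP_SELF']; ?>"> template.
function renderFormVulnerable(phpSelf) {
  return `<form action="${phpSelf}" method="post">`;
}

// Same template with the value escaped before it lands in an attribute.
function renderFormSafe(phpSelf) {
  return `<form action="${htmlspecialchars(phpSelf)}" method="post">`;
}

// Walk through the scenario and return every result so it can be inspected.
function demo() {
  const phpSelf = phpSelfFor(ATTACK_URL);
  return {
    phpSelf,
    // Relative link from the template: keeps the injected segment (broken).
    relativeLink: resolveLink(ATTACK_URL, "anotherpage.php"),
    // Root-relative link, as the answer recommends: unaffected.
    rootRelativeLink: resolveLink(ATTACK_URL, "/anotherpage.php"),
    vulnerableForm: renderFormVulnerable(phpSelf),
    safeForm: renderFormSafe(phpSelf),
  };
}

if (typeof require !== "undefined" && require.main === module) {
  for (const [name, value] of Object.entries(demo())) {
    console.log(`${name}: ${value}`);
  }
}
```

Running it shows `relativeLink` still carrying the `%3Cscript%3E...` segment before `anotherpage.php`, `rootRelativeLink` resolving cleanly to `http://www.domainname.com/anotherpage.php`, and `vulnerableForm` containing a live `<script>` tag while `safeForm` contains only `&lt;script&gt;`. In real PHP the equivalent fixes are `htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8')` wherever such a value is echoed, or using `$_SERVER['SCRIPT_NAME']`, which does not include PATH_INFO; for the path problem, root-relative resources or a `<base href="/">` element remove the dependency on the request path entirely.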
