Cross site scripting attacks and same origin policy


Question

I am familiar with persistent and non-persistent XSS. I also know about the same origin policy, which prevents/restricts requests originating from one website's page from going to another website's servers. This made me think that the same origin policy can stop at least the non-persistent type of XSS attacks (because in the persistent type of attack the malicious code origin would be the same as the private information that is stolen). Is my understanding correct? Can SOP be used to stop/reduce these attacks?

Okay, I was confused between invoking methods between 2 scripts at the browser side and invoking methods such as HTTP POST on another website. Thank you for the answer, jakber.

Now I have another question: wouldn't SOP be able to prevent cross-site request forgery? The example given in Wikipedia talks about Bob accessing a malicious image tag created by Mallory on the chat forum. However, as per the SOP rule, the malicious script should not be able to access the bank's cookie. Am I missing something here?

Recommended answer

Generally not.

A non-persistent or reflected XSS attack exploits input that is echoed back as page content without proper sanitization, without persisting it. The injected script will seem to come from the exploited domain in both cases.

For example, if you do this in PHP: echo $_GET['param'] and send a link to the page to somebody containing ?param=<script>alert('got you!');</script>, it is a non-persistent XSS attack, and same-origin policy has nothing to do with it.

Same-origin means that you cannot directly inject scripts or modify the DOM on other domains: that's why you need to find an XSS vulnerability to begin with.
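
The answer's echo $_GET['param'] case beside an output-encoded version, as an added example that is not part of the original answer. The function names, the surrounding markup and the sample query string are constructed for illustration.

```php
<?php
// Added example (not from the original answer): the reflected value is emitted
// by the site's own response, so the browser treats any script in it as
// same-origin. The fix is output encoding on the server, not the same-origin policy.

// Vulnerable: reflects the parameter into HTML unchanged, as in the answer.
function render_vulnerable(array $get): string
{
    $param = $get['param'] ?? '';
    return "<p>You searched for: " . $param . "</p>";
}

// Hardened: encode for the HTML text context so markup arrives as inert text.
function render_hardened(array $get): string
{
    $param = $get['param'] ?? '';
    if (!is_string($param)) {
        // ?param[]=x reaches PHP as an array; treat it as empty input.
        $param = '';
    }
    $safe = htmlspecialchars($param, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return "<p>You searched for: " . $safe . "</p>";
}

// Constructed request: the query string from the answer's example link.
$query = "param=" . rawurlencode("<script>alert('got you!');</script>");
parse_str($query, $get); // the array PHP would expose as $_GET

echo "vulnerable: ", render_vulnerable($get), PHP_EOL;
echo "hardened:   ", render_hardened($get), PHP_EOL;
```

Run with the PHP CLI: the first line still contains a live script element, while the second carries the same characters as HTML entities that the browser renders as text.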
