Common unknown PHP security pitfalls


Problem description

I know questions like this have been asked a hundred times, but mine is a little different.

I know about all the common and widely-known security issues like SQL injection, XSS etc. But what about issues that often appear but are not recognized most of the time or not judged as vulnerabilities? Are there any?

Recommended answer

One thing I've seen a lot that gets developed as a feature and is not seen as a security hole until it's too late is state-changing GET requests. These can easily result in cross-site request forgery. For example, your application could have a link to http://mysite.com/logout which logs users out. But a third party site can add code like this:

<!-- on evil.com site -->
<img src="http://mysite.com/logout">

Then when users load the page on evil.com, they are logged out of mysite.com!

The worst problems happen when sites implement an API using state-changing GET requests. For example, if I ran a social networking site with URLs like site.com/addfriend, site.com/sendmessage, etc. and I gave out those URLs to developers who were going to make applications for my site, the developers would have to deal with an API change when the security vulnerability was discovered.
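The following is an added example, not code from the original answer. It takes the /logout endpoint the answer describes and shows it in the vulnerable form (any request, including the cross-site GET that evil.com's <img> tag produces, ends the session) next to a hardened form that only accepts a POST carrying a per-session CSRF token. The same pattern applies to the site.com/addfriend and site.com/sendmessage endpoints mentioned for the API case. The function names and the simulated requests at the bottom are illustrative assumptions; in a real deployment the method, body and session come from $_SERVER['REQUEST_METHOD'], $_POST and $_SESSION after session_start().

```php
<?php
declare(strict_types=1);

// Added example (not from the original answer). Function names and the
// simulated requests below are illustrative assumptions.

// Issue one random token per session and keep it server-side.
function csrf_token_for(array &$session): string
{
    if (!isset($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Render the logout control as a form, not a link, so the browser sends a
// POST together with the token. A third-party page cannot read this token.
function logout_form_html(array &$session): string
{
    $token = htmlspecialchars(csrf_token_for($session), ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="/logout">'
         . '<input type="hidden" name="csrf_token" value="' . $token . '">'
         . '<button type="submit">Log out</button></form>';
}

// A state change is accepted only as a POST that carries the session's token.
// The <img src="http://mysite.com/logout"> request is a GET with no body.
function state_change_allowed(string $method, array $post, array $session): bool
{
    if ($method !== 'POST') {
        return false;
    }
    $expected = $session['csrf_token'] ?? '';
    $given    = $post['csrf_token'] ?? '';
    if ($expected === '' || !is_string($given)) {
        return false;
    }
    // hash_equals() compares in constant time.
    return hash_equals($expected, $given);
}

// Vulnerable handler, as in the answer: every request logs the user out.
function logout_vulnerable(array &$session): int
{
    $session = [];
    return 200;
}

// Hardened handler: refuse anything that is not a tokened POST.
function logout_hardened(string $method, array $post, array &$session): int
{
    if (!state_change_allowed($method, $post, $session)) {
        return 403; // session is left untouched
    }
    $session = [];
    return 200;
}

// --- Simulated requests (constructed for this example) -------------------
function report(string $label, int $status, array $session): void
{
    printf("%-28s -> %d, still logged in: %s\n",
        $label, $status, isset($session['user']) ? 'yes' : 'no');
}

// 1. What evil.com's <img> tag produces: a GET with the victim's cookie.
$session = ['user' => 'alice'];
csrf_token_for($session);
report('cross-site GET (img tag)', logout_hardened('GET', [], $session), $session);

// 2. evil.com can auto-submit a cross-site POST form, but it cannot know the token.
report('cross-site POST, wrong token',
    logout_hardened('POST', ['csrf_token' => 'guess'], $session), $session);

// 3. The site's own logout form, carrying the session's token.
report('same-site POST, valid token',
    logout_hardened('POST', ['csrf_token' => $session['csrf_token']], $session), $session);

// 4. For contrast, the vulnerable handler on the same cross-site GET.
$session = ['user' => 'alice'];
report('vulnerable handler, GET', logout_vulnerable($session), $session);
```

Running this from the command line prints that only the third request (same-site POST with the valid token) ends the session under the hardened handler, while the vulnerable handler logs the user out on the bare cross-site GET. As defence in depth, setting the session cookie with SameSite=Lax via session_set_cookie_params() (array form, PHP 7.3 and later) stops the browser from attaching the cookie to cross-site subresource requests such as the <img> tag in the first place, but it does not replace the method and token checks.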

