blocks|key|705095|text|是的，考虑到如果你已经登录，这些脚本也可以访问你的cookie，并可以将其发送到任何地方。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|705096|entityMap^0|0^^$0|@$1|2|3|4|5|6|7|D|8|@]|9|@]|A|$]]|$1|B|3|-4|5|6|7|E|8|@]|9|@]|A|$]]]|C|$]]

Yes, pretty much, consider if you have logged in, those script can also access your cookies and could send it to everywhere.

blocks|key|878193|text|然而，该链接的一个问题是，在URL中通常不允许在URL中使用<tags>，除非首先对其进行URL编码。因此，邮寄链接或张贴它不会对你有多大的好处。|type|unstyled|depth|inlineStyleRanges|offset|length|style|CODE|entityRanges|data|878194|更真实的URL编码形式应该是..|878195|http://localhost/MyProject/action.do?Title=%253Cscript%253Ealert%2528%2527XSS%2527%2529%253B%253C%252Fscript%253E%25|878196|单击此URL后，目标web服务器将取消转义Title值，如果...|878197|<script>alert('XSS');</script>|code-block|syntax|javascript|878198|..。是按原样编写的，而不是将转义到页面，这绝对是。|BOLD|878199|entityMap^0|U|6|0|0|0|2M|0|L|5|0|0|P|1|0^^$0|@$1|2|3|4|5|6|7|V|8|@$9|W|A|X|B|C]]|D|@]|E|$]]|$1|F|3|G|5|6|7|Y|8|@]|D|@]|E|$]]|$1|H|3|I|5|6|7|Z|8|@$9|10|A|11|B|C]]|D|@]|E|$]]|$1|J|3|K|5|6|7|12|8|@$9|13|A|14|B|C]]|D|@]|E|$]]|$1|L|3|M|5|N|7|15|8|@]|D|@]|E|$O|P]]|$1|Q|3|R|5|6|7|16|8|@$9|17|A|18|B|S]]|D|@]|E|$]]|$1|T|3|-4|5|6|7|19|8|@]|D|@]|E|$]]]|U|$]]

One problem with that link, though, is <code>&lt;tags&gt;</code> typically aren't allowed in URLs without URL encoding them first. So mailing that link around or posting it wouldn't do you much good.

The more realistic URL encoded form of it would be ..

<code>http://localhost/MyProject/action.do?Title=%3Cscript%3Ealert%28%27XSS%27%29%3B%3C%2Fscript%3E%</code>

After clicking on this URL, the destination web server would unescape the <code>Title</code> value and if ...

<pre><code>&lt;script&gt;alert('XSS');&lt;/script&gt;
</code></pre>

... is written as-is without being HTML escaped to the page, that's absolutely XSS.

blocks|key|878153|text|这绝对是一个漏洞，如果没有别的，你可以把这个链接和XSS代码一起发送给别人。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|878154|entityMap^0|0^^$0|@$1|2|3|4|5|6|7|D|8|@]|9|@]|A|$]]|$1|B|3|-4|5|6|7|E|8|@]|9|@]|A|$]]]|C|$]]

It's definitely a vulnerability, if nothing else, you can send the link with XSS code like this to someone.

blocks|key|705120|text|我没有资格对Jeff+Atwood的回答发表评论，所以我不会同意他的观点。这样的链接肯定可以邮寄出去，用来利用易受反射XSS攻击的站点。我用Gmail和一个我能控制的网站进行了测试。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|705121|也许编码是在后台进行的，但不管怎样，我可以输入链接，通过电子邮件发送，然后单击该链接并进行利用。此外，在我尝试过的每个浏览器中，我都能够直接输入有效负载，而无需编码，并触发脚本。|705122|所以，是的，代码是“有效XSS”，如果你的站点触发了那个javascript，那么你的站点就容易受到反射的XSS攻击。|705123|entityMap^0|0|0|0^^$0|@$1|2|3|4|5|6|7|H|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|I|8|@]|9|@]|A|$]]|$1|D|3|E|5|6|7|J|8|@]|9|@]|A|$]]|$1|F|3|-4|5|6|7|K|8|@]|9|@]|A|$]]]|G|$]]

I don't have the reputation to comment on Jeff Atwood's answer, so I will disagree with it here. A link like that could certainly be mailed around and used to exploit sites that are vulnerable to reflected XSS. I tested it with Gmail and a site over which I have control.

Perhaps encoding was being done in the background, but regardless, I was able to type in the link, email it, and then click the link and have the exploit work. Additionally, in every browser I tried I was able to directly type in the payload without encoding and have the script fire.

So yes, that code is "valid XSS" and if your site triggers that javascript then your site is vulnerable to a reflected XSS attack.

blocks|key|705127|text|是的，这是一个XSS漏洞。呈现之前，细小字符串不会被清理并显示为原样。可以使用像OWASP+Stinger这样的web应用程序防火墙来阻止XSS|type|unstyled|depth|inlineStyleRanges|offset|length|style|BOLD|entityRanges|data|705128|entityMap^0|I|2|0^^$0|@$1|2|3|4|5|6|7|H|8|@$9|I|A|J|B|C]]|D|@]|E|$]]|$1|F|3|-4|5|6|7|K|8|@]|D|@]|E|$]]]|G|$]]

Yes this is an XSS vulnerability. The Tittle String is not sanitized and displayed as it is before rendering.
XSS can be prevented by using a web application firewall like OWASP Stinger

blocks|key|2286847|text|发布警报是针对跨站点脚本或XSS测试应用程序漏洞的最突出和最广泛使用的方法。如果此类URL显示为警报，则很可能同一个URL可以-|type|unstyled|depth|inlineStyleRanges|entityRanges|data|2286848|2286849|在内部将客户重定向到恶意站点，或者|ordered-list-item|2286850|会将从cookie或会话复制的信息发送给某人。|2286851|2286852|客户会觉得是你的可信站点做到了这一点，因为他会一直看到url中的可信站点域。|2286853|entityMap^0|0|0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|M|8|@]|9|@]|A|$]]|$1|B|3|-4|5|6|7|N|8|@]|9|@]|A|$]]|$1|C|3|D|5|E|7|O|8|@]|9|@]|A|$]]|$1|F|3|G|5|E|7|P|8|@]|9|@]|A|$]]|$1|H|3|-4|5|6|7|Q|8|@]|9|@]|A|$]]|$1|I|3|J|5|6|7|R|8|@]|9|@]|A|$]]|$1|K|3|-4|5|6|7|S|8|@]|9|@]|A|$]]]|L|$]]

Putting an Alert is the most prominent and widely used Way of testing the Application Vulnerability towards Cross Site Scripting or XSS. If such URL display's an alert , Very likely the same URL can -

<ol>
<li>internally redirect customer to a malicious site or </li>
<li>Would send the information copied from the cookie or session to someone. </li>
</ol>

and the Customer would feel that its your trusted site which has done this as he will keep seeing the trusted site domain in the url.

My understanding of XSS attacks focused on people entering malicious input via forms (persistant XSS attack).

However I'm trying to understand non persistant. Is this as an example (obviously the alert could be substituted for something more sinister...)

<pre><code>http://localhost/MyProject/action.do?Title=&lt;script&gt;alert('XSS');&lt;/script&gt;
</code></pre>

Is this a valid XSS attack

翻译质量差，导致语言生硬或混乱。

没有提供实际的解决方法或示例。

解答不清晰，无法理解或解决问题。

页面排版不美观，阅读体验差。

文章

问答

视频

学习中心

腾讯云实验室

直播

竞赛

腾讯云代码分析专区

腾讯iOA零信任安全管理系统专区

腾讯云架构师技术同盟交流圈

腾讯云数据库专区

腾讯云顾问专区

腾讯云原生专区

腾讯混元专区

腾讯云TCE专区

腾讯云Lighthouse专区

腾讯云HAI专区

腾讯云Edgeone专区

腾讯云存储专区

腾讯云智能专区

腾讯轻联专区 

腾讯云开发专区

TAPD专区

腾讯轻量云游戏服专区

腾讯云最具价值专家

腾讯云架构师技术同盟

腾讯云创作之星

腾讯云开发者先锋

腾讯云代码助手

云原生构建

TAPD 敏捷项目管理

Cloud Studio

SDK中心

API中心

命令行工具

涵盖代码开发、场景应用、自动测试全流程，助你从零构建专属AI助手

一站式MCP教程库，解锁AI应用新玩法

我对XSS攻击的理解主要集中在通过表单输入恶意输入的人(持续性XSS攻击)。然而，我正在尝试理解非持久化。这是一个例子吗(显然，警报可以替换为更险恶的东西……)http://localhost/MyProject/action.do?Title=<script>alert('XSS');</script>

问这是有效的XSS攻击吗
EN

回答 6

Stack Overflow用户

Stack Overflow用户

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问这是有效的XSS攻击吗EN

回答 6

Stack Overflow用户

Stack Overflow用户

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问这是有效的XSS攻击吗
EN