Защита от XSS

Discussion in 'Безопасность и Анонимность' started by vorona, 12 Nov 2009.

  1. vorona

    vorona Member

    Joined:
    7 Sep 2009
    Messages:
    392
    Likes Received:
    7
    Reputations:
    1
    Если script с помощью ф-ции str_replace заменить на script с парой русских букв (с,р), это защитит от XSS?
     
    #1 vorona, 12 Nov 2009
    Last edited: 13 Nov 2009
  2. vorona

    vorona Member

    Joined:
    7 Sep 2009
    Messages:
    392
    Likes Received:
    7
    Reputations:
    1
    Она защитит от XSS?

    strip_tags защищает от XSS?
     
    #2 vorona, 15 Nov 2009
  3. Ctacok

    Ctacok Banned

    Joined:
    19 Dec 2008
    Messages:
    732
    Likes Received:
    646
    Reputations:
    251
    htmlspecialchars()
    И
    http://ha.ckers.org/xss.html
    Почитай.
     
    #3 Ctacok, 15 Nov 2009
  4. vorona

    vorona Member

    Joined:
    7 Sep 2009
    Messages:
    392
    Likes Received:
    7
    Reputations:
    1
    Причём здесь htmlspecialchars?
     
    #4 vorona, 17 Nov 2009
  5. vorona

    vorona Member

    Joined:
    7 Sep 2009
    Messages:
    392
    Likes Received:
    7
    Reputations:
    1
    htmlentities имеет уязвимости такие же как htmlspecialchars?
     
    #5 vorona, 18 Nov 2009
(You must log in or sign up to post here.)