4 Matching Annotations
  1. Nov 2018
  2. zh.wikipedia.org zh.wikipedia.org
    跨站请求伪造 - 维基百科,自由的百科全书
    1
    1. catcuts 21 Nov 2018
      跟跨网站脚本(XSS)相比,XSS 利用的是用户对指定网站的信任,CSRF 利用的是网站对用户网页浏览器的信任。

      XSS 是对客户端的攻击

      CSRF 是对服务端的攻击

      xss csrf
    Visit annotations in context

    Tags

    Annotators

    URL

    zh.wikipedia.org/wiki/跨站请求伪造
  3. Oct 2018
  4. dzone.com dzone.com
    Using the SameSite Cookie Attribute to Prevent CSRF Attacks - DZone Security
    1
    1. kael 26 Oct 2018
      xss http security
    Visit annotations in context

    Tags

    Annotators

    URL

    dzone.com/articles/using-the-same-site-cookie-attribute-to-prevent-cs
  5. scotthelme.co.uk scotthelme.co.uk
    Cross-Site Request Forgery is dead!
    1
    1. kael 26 Oct 2018
      xss security http
    Visit annotations in context

    Tags

    Annotators

    URL

    scotthelme.co.uk/csrf-is-dead/
  6. Sep 2018
  7. github.com github.com
    cure53/DOMPurify
    1
    1. kael 21 Sep 2018
      DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG
      dompurify json-ld dom security xss
    Visit annotations in context

    Tags

    Annotators

    URL

    github.com/cure53/DOMPurify