防止Cross-site scripting (XSS)
2015-06-09 16:53
417 查看
public String filter(String url) {
String sanitized = url;
sanitized = sanitized.replaceAll("<", "<").replaceAll(">", ">");
sanitized = sanitized.replaceAll("\\(", "(").replaceAll("\\)", ")");
sanitized = sanitized.replaceAll("'", "'");
sanitized = sanitized.replaceAll("eval\\((.*)\\)", "");
sanitized = sanitized.replaceAll("[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']", "\"\"");
return sanitized;
}
相关文章推荐
- Cross-Site Scripting(XSS): 跨站脚本攻击介绍
- Cross-Site Scripting(XSS): 跨站脚本攻击介绍
- Cross-Site Scripting(XSS): 跨站脚本攻击介绍
- Cross-Site Scripting (XSS) Attack Lab (Web Application: Elgg)——山东大学网络攻防实验
- Cross-Site Scripting(XSS): 跨站脚本攻击介绍
- Cross-Site Scripting(XSS): 跨站脚本攻击介绍
- Cross-Site Scripting(XSS): 跨站脚本攻击介绍
- JavaScript学习笔记-跨站脚本(Cross-site scripting,CSS,XSS)漏洞
- OWASP Cross-Site Scripting (XSS) 思路笔记
- Cross-Site Scripting(XSS): 跨站脚本攻击介绍
- WebGoat实验之Cross-Site Scripting(XSS,跨站脚本攻击)- 2016.01.09
- 跨站脚本攻击(Cross-site scripting,通常简称为XSS)阿里云防护
- SharePoint Security系列 之一 Cross-Site Scripting (XSS) Attack
- 跨网站指令码(Cross-site scripting,通常简称为XSS)介绍
- 防止恶意代码注入XSS(cross site scripting)
- Using Content Security Policy to Prevent Cross-Site Scripting (XSS)
- 漏洞挖掘——实验12 Cross-Site Scripting (XSS) Attack Lab
- Cross-site Scripting (XSS) 阅读笔记
- rails CSS/XSS——cross-site scripting
- Cross-site scripting,XSS