??????????????????
???????????? ???????[ 2012/11/21 13:30:54 ] ????????
???????????????
?????????????????????????
???????????????????
????1?????????GET???????URL??????Request Header????POST???????URL??????Form Data?? Upload FileData?? Request Header???????HTML?????
????2?????JBoss???Servlet????????????????????????????Response???????????????????????????????????
???????????????????HTML????????ò???????????????????·??????????????????ξ???“??????”??鴦???????????????′?????????????????????????????????????????????£??????????????
????????????????????????????????????????????XSS?????????
????bug?????????
???????β????????7??bug??2???????????????????????????????BUG??????????????
????1??????“??????”??鴦?????POST??????Я????URL???????????
????????????????????????POST?????????洢????????????????????????????????
????2??POST?????????Я?????????????<??>??/??&???????“??????”??鴦????????????????????????????????????????????????鴦???????????
??????????????????????????1. ???????????????????????????2. ?????????????????????????
????3??POST?????????Я?????????????????????????“??????”??鴦????????????????????ξ?????鴦???????encode??“+”??????ξ?????鴦???????encode“+”???“%2B”?????o???Server?????deconde???????????“+”???????????
????????????????????encode?????????????????????????????????ngx_unescape_uri????????????ò??? NGX_UNESCAPE_WWW_FORM
????4?????????POST???????????POST Data ????????content type?application/x-www-form-urlencoded??
???????????????????????????POST??????????????????????μ??
??????
???·???
??????????????????
2023/3/23 14:23:39???д?ò??????????
2023/3/22 16:17:39????????????????????Щ??
2022/6/14 16:14:27??????????????????????????
2021/10/18 15:37:44???????????????
2021/9/17 15:19:29???·???????·
2021/9/14 15:42:25?????????????
2021/5/28 17:25:47??????APP??????????
2021/5/8 17:01:11
sales@spasvo.com