????λ?????????? >> ??????????
???????????????AppScan????????????????
?????ToughLife ???????[ 2016/5/13 13:58:20 ] ?????????????????? ??????????
????6. ???????????? HTTP ????
??????????????web?????л????????web.xml????????????????????ò????HTTP????
????<!--???????????????ò????HTTP???? -->
????<security-constraint>
????<web-resource-collection>
????<url-pattern>/*</url-pattern>
????<http-method>PUT</http-method>
????<http-method>DELETE</http-method>
????<http-method>HEAD</http-method>
????<http-method>OPTIONS</http-method>
????<http-method>TRACE</http-method>
????</web-resource-collection>
????<auth-constraint></auth-constraint>
????</security-constraint>
????<login-config>
????<auth-method>BASIC</auth-method>
????</login-config>
????7. ?? cookie ?????HttpOnly????
???????????????????????????????????????趨
????//????????cookie???????????????????????????
????resp.setHeader("Set-Cookie"?? "name="+newSimpleDateFormat("yyyy-MM-ddHH:mm:ss").format(new Date())+"; Secure; HttpOnly");
????8. ???? Web ??ó????????й???
?????????????????????г????????????????????
????9. ?????дδ????????ν???? HTML ????
????????????????????????????autocomplete="off" ????
????10. ??????? IP й???
??????????????????г????IP????????????
????11. ?????ó????????
??????????????????г????????????????????????????????????test.php??test.asp??test.cgi??test.html ????????Щ????????????????????????????????????????test??old???
????12. Unix ??????????
?????????????????????????????????????????????????????????“..”?????????????????????????????????ο????1.SQL??????д???????????
????13. Windows ??????????
?????????????????????????????????????????????????????????“..”?????????????????????????????????ο????1.SQL??????д???????????
????14. ?????????????????α??
?????????????????????????????????????????????????????ж??????????????????????????????????????????????????????????Σ????????????? ???????????????ó?????м????????????磺??????? SQL ????????????????е?Javascript???????и??????????????????????ο????1.SQL??????д?? ??3.?????????α?? ??????????
????15. ?????????
?????????????????????????????????????????????????????ж??????????????????????????????????????????????????????????Σ????????????? ???????????????ó?????м????????????磺??????? SQL ????????????????е?Javascript???????и??????????????????????ο????1.SQL??????д?? ??3.?????????α?? ??????????
????16. ????????????
??????????????????????????????????????????????????????????????
????17. ??????????汾
?????????????????????п???“Copy of”??“_”??“.”??“~”??“Old”??????????????
????18. ???????????????
??????????????????г??????????????????????
????19. HTML ?????????й?
?????????????????????г?????????????????????????????????????????????????IP??????
???????????????????????漰???????????????????SPASVOС??(021-61079698-8054)?????????????????????????
??????
???·???
??????????????????
2023/3/23 14:23:39???д?ò??????????
2023/3/22 16:17:39????????????????????Щ??
2022/6/14 16:14:27??????????????????????????
2021/10/18 15:37:44???????????????
2021/9/17 15:19:29???·???????·
2021/9/14 15:42:25?????????????
2021/5/28 17:25:47??????APP??????????
2021/5/8 17:01:11????????
?????????App Bug???????????????????????Jmeter?????????QC??????APP????????????????app?????е????????jenkins+testng+ant+webdriver??????????????JMeter????HTTP???????Selenium 2.0 WebDriver ??????
sales@spasvo.com