2017年6月26日 星期一

[研究] X-XSS Protection

[研究] X-XSS Protection

2017-06-24

<add name="X-XSS-Protection" value="1; mode=block" />

Controlling the XSS Filter
https://blogs.msdn.microsoft.com/ieinternals/2011/01/31/controlling-the-xss-filter/

IE8 Security Part IV: The XSS Filter
https://blogs.msdn.microsoft.com/ie/2008/07/02/ie8-security-part-iv-the-xss-filter/

利用瀏覽器XSS跨站攻擊腳本篩選過濾特性(X-XSS-Protection)
http://doc.5lsoft.com/help/content.aspx?itemno=000067&_rnd=635900856594128005

IBM AppScan 安全漏洞問題修復(.net)
http://www.cnblogs.com/anngeiBKY/p/4952269.html

網站程式開發的注意事項,關於資訊安全與修補方式....陸續補充 (ASP.Net)
http://sweeteason.pixnet.net/blog/post/41779906-%E7%B6%B2%E7%AB%99%E7%A8%8B%E5%BC%8F%E9%96%8B%E7%99%BC%E7%9A%84%E6%B3%A8%E6%84%8F%E4%BA%8B%E9%A0%85%EF%BC%8C%E9%97%9C%E6%96%BC%E8%B3%87%E8%A8%8A%E5%AE%89%E5%85%A8%E8%88%87%E4%BF%AE

Config your IIS server to use the “Content-Security-Policy” header
https://stackoverflow.com/questions/37992225/config-your-iis-server-to-use-the-content-security-policy-header

X-XSS-Protection – Preventing Cross-Site Scripting Attacks

(待續)

沒有留言:

張貼留言