Updated May 20, 2008 by yosuke.hasegawa
JaArticleXSS  
A summary of cross-site scripting (XSS) attacks


This section takes a detailed look at cross-site scripting (XSS) attacks in the various contexts within an HTML document: how they arise, and general ways to avoid them. If you are not familiar with XSS, see the Introduction to Cross-Site Scripting Vulnerabilities first.

These articles provide examples for each of the specific classes of Cross-Site-Scripting vulnerabilities. The examples are given in the form of HTML snippets which include Python-style string substitutions, which were chosen to keep the examples independent from any particular templating or HTML rendering infrastructure.

For example, the HTML snippet

<title>Example document: %(title)s</title>

illustrates a template snippet that, if the variable title has the value Cross-Site Scripting, causes the following HTML to be emitted to the browser:

<title>Example document: Cross-Site Scripting</title>
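The substitution notation above, run as real Python (an added example, not part of the original article; `HtmlEscaped`, `render_raw`, `render_escaped` and the sample values are hypothetical names constructed here). It renders the same template once with the value copied verbatim and once with HTML escaping applied at every `%(name)s` lookup:

```python
import html

# Template snippet from the article, using Python-style %(name)s substitution.
TITLE_TEMPLATE = "<title>Example document: %(title)s</title>"


class HtmlEscaped:
    """Mapping wrapper (hypothetical helper) that HTML-escapes each value
    at lookup time, so every %(name)s substitution is escaped."""

    def __init__(self, values):
        self._values = values

    def __getitem__(self, key):
        # quote=True also escapes " and ', which matters in quoted attributes.
        return html.escape(str(self._values[key]), quote=True)


def render_raw(template, values):
    """Plain substitution: the value is copied into the markup verbatim."""
    return template % values


def render_escaped(template, values):
    """Substitution with HTML escaping applied to every substituted value."""
    return template % HtmlEscaped(values)


# Constructed sample values: one plain, one containing markup characters.
BENIGN = {"title": "Cross-Site Scripting"}
WITH_MARKUP = {"title": "Q&A </title><h1>not part of the title</h1>"}

if __name__ == "__main__":
    for values in (BENIGN, WITH_MARKUP):
        print("raw:    ", render_raw(TITLE_TEMPLATE, values))
        print("escaped:", render_escaped(TITLE_TEMPLATE, values))
```

`html.escape` is suited to body text and quoted attribute values; other contexts, such as a URL inside an href attribute, need additional handling.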

The examples in this document are based on JavaScript (ECMAScript). Of course, similar examples could be constructed using other scripting languages supported by the victim's browser (such as VBScript).

For each class of XSS vulnerability (the classes are based on the context within an HTML document where the injection occurs, such as regular body text, within an href attribute, etc.), we provide

Further reading

