Home > Web Front-end > H5 Tutorial > body text

Introductory tutorials on security attack and defense: 10 recommended zero-based introductory tutorials on security attack and defense

零下一度
Release: 2017-06-13 10:42:02
Original
3013 people have browsed it

                                                                                                                                                                                                                                            please indicate the source when reprinting it. Please indicate the source: The final chapter of the detailed analysis of HTML5 security attack and defense: HTML5’s security improvements HTML5 makes a lot of additions to the old security strategies. 1. iframe sandbox HTML5 adds a sandbox attribute to the iframe element to prevent untrusted web pages from performing certain operations, such as accessing the DOM of the parent page, executing scripts, accessing local storage or local databases, etc. But this security strategy will bring other risks, which is very interesting. For example, ClickJacking attacks prevent JavaScript scripts from running to bypass JavaScript defense methods. 2. CSP content security policy XSS bypasses the same-origin policy through fake content and clickbaiting. The core of the XSS attack is that the browser cannot distinguish whether the script is injected by a third party or is actually part of your application. CSP defines the Content-Security-Policy HTTP header to allow you to create a whitename of a trusted source

1. Complete of detailed analysis of HTML5 security attacks and defenses: HTML5 security improvements

Introductory tutorials on security attack and defense: 10 recommended zero-based introductory tutorials on security attack and defense

Introduction: HTML5 makes a lot of additions to the old security strategies. HTML5 adds a sandbox attribute to the iframe element to prevent untrusted web pages from performing certain operations, such as accessing the DOM of the parent page, executing scripts, accessing local storage or local databases, etc.

2. Web front-end security attack and defense_html/css_WEB-ITnose

Introduction: Web front-end security attack and defense

[Related Q&A recommendations]:

ios - Why can't GDB use the Symbol in the cracked ipa?

The above is the detailed content of Introductory tutorials on security attack and defense: 10 recommended zero-based introductory tutorials on security attack and defense. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!