jsp頁面高危漏洞的解決辦法 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <%@ page language="java" import="java.util.*,java.lang.*" pageEncoding="UTF-8"%> <%@ taglib prefix="c" uri="http://java.sun.com/jstl/core_rt"%> <%@ taglib prefix="sql" uri="http://java.sun.com/jstl/sql_rt"%> <%@taglib uri="http://java.sun.com/jstl/fmt_rt" prefix="fmt"%> <html> <head> <title> New Document </title> <meta name="Generator" content="EditPlus"> <meta name="Author" content=""> <meta name="Keywords" content=""> <meta name="Description" content=""> <script type="text/javascript"> var kw = "<%=request.getParameter("kword")%>"; </script> </head> <body> </body> </html>
注入漏洞:
http://wap.51bi.com/wap/search/searchindex.jsp?page=1&kword=";alert('hacker');"
解决辦法:
<?xml version="1.0" encoding="utf-8"?>
< !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
< %@ page language="java" import="java.util.*,java.lang.*"
pageEncoding="UTF-8"%>
< %@ taglib prefix="c" uri="http://java.sun.com/jstl/core_rt"%>
< %@ taglib prefix="sql" uri="http://java.sun.com/jstl/sql_rt"%>
< %@taglib uri="http://java.sun.com/jstl/fmt_rt" prefix="fmt"%>
< %
String sword = request.getParameter("sword");
sword = sword.replace('<', ' ');
sword = sword.replace('>', ' ');
sword = sword.replace('"', ' ');
sword = sword.replace('\'', ' ');
sword = sword.replace('/', ' ');
sword = sword.replace('%', ' ');
sword = sword.replace(';', ' ');
sword = sword.replace('(', ' ');
sword = sword.replace(')', ' ');
sword = sword.replace('&', ' ');
sword = sword.replace('+', '_');
%>
< html>
<head>
<title> New Document </title>
<meta name="Generator" content="EditPlus">
<meta name="Author" content="">
<meta name="Keywords" content="">
<meta name="Description" content="">
< script type="text/javascript">
var kw = "<%=sword%>";
< /script>
</head>
<body>
</body>
< /html>
留言列表