摘要
指出了Web应用中存在的各种安全漏洞,在分析并总结Web应用安全漏洞特点的基础上,设计了一种基于Proxy的Web应用安全漏洞检测方法,该方法可以用来检测一些常见的Web应用安全漏洞,如参数篡改、跨站点脚本漏洞等.给出了利用该方法检测SQL代码插入、跨站点脚本算法的JAVA语言实现.
The security vulnerabilities of Web application are pointed out. By analyzing and summarizing the characteristics of the security vulnerabilities, the Proxy-based approach to scanning Web application security vulnerabilities,which can find many Web application security vulnerabilities,is put forward. Finally, the main idea and implementation of the approach, are described.
出处
《武汉大学学报(工学版)》
CAS
CSCD
北大核心
2005年第5期135-140,共6页
Engineering Journal of Wuhan University