摘要
SQL注入攻击是Web应用中最常见的攻击,本文通过分析SQL注入攻击的原理,针对不同的攻击方法和不同的安全需求灵活使用多种防御策略堵住漏洞,如通过过滤或转义危险字符、使用正则表达式、使用URL重写技术等方法减少Web应用的风险。
SQL injection attack is the most common attack in Web application. This paper, by analyzing the principle of SQL injection attacks,discusses how to flexibily use a variety of defensive strategies to close the loopholes according to different attack methods, and different security needs to reduce the risk of Web applications, such as through a filter or escape dangerous characters,by using regular expressions , or using UR.L rewriting technology.
出处
《计算机与网络》
2012年第9期70-73,共4页
Computer & Network
关键词
SQL注入
防御策略
正则表达式
SQL injection
defense strategy
URL rewriting technology