摘要
随着信息时代的到来,网络安全问题越来越受到人们关注,其中Web安全问题是最常见的安全问题。文章根据风险的发生频率和危害程度,以结构化查询语言(Structured Query Language,SQL)注入、跨站脚本攻击(Cross Site Scripting,XSS)注入、文件上传漏洞为例,研究这3种安全风险的原理、分类及安全防护。
With the advent of the information age,network security issues are receiving increasing attention,with Web security being the most common security issue.Based on the frequency and severity of risks,this article takes Structured Query Language(SQL)injection,Cross Site Scripting(XSS)injection,and file upload vulnerabilities as examples to study the principles,classification,and security protection of these three security risks.
作者
巢佳
CHAO Jia(Changzhou College of Information Technology,Changzhou Jiangsu 213164,China)
出处
《信息与电脑》
2023年第19期196-198,共3页
Information & Computer
基金
2021常州信息职业技术学院自然科学课题“基于三维重建技术的目标监测及追踪研究”(项目编号:CXZK202111Q)。
