
JSP - Using the JSTL <c:out> core tag to prevent XSS

How to solve: JSP - using the JSTL <c:out> core tag to prevent XSS

I basically have a university assignment where we need to find and fix vulnerabilities in a given site. There is a form that takes user input, stores it in a database (using MySQL) and displays it on the website. Currently the site sees HTML and script tags and implements them into the page. I need to prevent this from happening, so I believe the c:out tag will display it instead of running any HTML or script tags.

(screenshot: how the posts look)

I have tried adding the tag in the form and before it, and tried several different ways, but it didn't work... Any suggestions or help would be greatly appreciated. I'm very new to JSP and coding!

Here is the page code:

<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.Statement"%>
<%@page import="dbconnection.DBConnect"%>
<%@page import="java.sql.Connection"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <link rel="stylesheet" type="text/css" href="style.css" />
        <title>We love Trump!</title>
    </head>
    <body>
        <div id="container">
            <div id="mainpic">         
            </div>   

            <div id="menu">
                <ul>
                    <li class="menuitem"><a href="index.jsp">Home</a></li>
                    <li class="menuitem"><a href="quotes.jsp">Quotes</a></li>
                    <li class="menuitem"><a href="news.jsp">News</a></li>
                    <li class="menuitem"><a href="profile.jsp?id=<% if(session.getAttribute("userid")!=null){ out.print(session.getAttribute("userid"));} %>">Profile</a></li>
                    <li class="menuitem"><a href="forum.jsp">Members Forum</a></li>
                    <li class="menuitem"><a href="Validatelogout">logout</a></li>
                </ul>
            </div>

            <div id="content">
                
                <%
                    Connection con = new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
                    if (session.getAttribute("isLoggedIn") != null && session.getAttribute("isLoggedIn").equals("1")) {
                        out.print("Hello " + session.getAttribute("user") + ",Welcome to Our Forum !");
                    }
                %>
                <h3>Create Post:</h3>

                <form action="forum.jsp" method="POST">
                    Title : <input type="text" name="title" value="" size="50"/><br/>
                    Message: <br/><textarea name="content" rows="2" cols="50"   ></textarea>
                    <input type="hidden" name="user"  value="<% if (session.getAttribute("user") != null) {
               out.print(session.getAttribute("user"));
           } else {
               out.print("Anonymous");
           } %>"/><br/>
                    <input type="submit" value="Post" name="post"/>

                </form>
                   

                <%
                    if (request.getParameter("post") != null) {
                        String user = request.getParameter("user");
                        String content = request.getParameter("content");
                        String title = request.getParameter("title");

                        if (con != null && !con.isClosed()) {
                            Statement stmt = con.createStatement();
                            // stmt.executeUpdate("INSERT into posts(content,title,user) values ('" + content + "','" + title + "','" + user + "')");
                            stmt.executeUpdate("INSERT into posts(content,user) values ('" + content + "','" + user + "')");
                            out.print("Successfully posted");
                        }
                    }
                %>

                <p>&nbsp;</p>
                <p>&nbsp;</p>
                <p>&nbsp;</p>
                <h3>List of Posts:</h3> 
                <%        if (con != null && !con.isClosed()) {
                        Statement stmt = con.createStatement();
                        ResultSet rs = null;
                        rs = stmt.executeQuery("select * from posts");
                        out.println("<table border='1' width='80%'>");
                        while (rs.next()) {
                            out.print("<tr>");
                            out.print("<td><a href='forumposts.jsp?postid=" + rs.getString("id") + "'>" + rs.getString("title") + "</a></td>");
                            out.print("<td> - Posted By ");
                            out.print(rs.getString("user"));
                            out.println("</td></tr>");

                        }
                        out.println("</table>");
                    }
                %>

                <div id="footer"><h3><a href="http://www.trump.com/">Trump Web Design</a></h3></div>
            </div>
        </div>
    </body>
</html>
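The part that usually trips people up is that `<c:out>` has to wrap the values at the point where they are written to the page, not the form fields, and that it can only see data exposed to EL (page, request or session attributes), not local variables inside a scriptlet. The fragment below is an added example (not the asker's page) showing the welcome line and the post listing rewritten that way; it assumes the same `con` Connection and the same `posts` columns (`id`, `title`, `user`) as the page above.

```jsp
<%@ page import="java.sql.*, java.util.*" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>

<%-- sessionScope.user is reachable from EL, so it can go through c:out directly. --%>
<p>Hello <c:out value="${sessionScope.user}" default="Anonymous"/>, Welcome to Our Forum!</p>

<%
    // Copy the rows into plain maps in page scope so JSTL/EL can reach them.
    // try-with-resources closes the Statement and ResultSet even on error
    // (the original page never closes them). 'con' is the page's Connection.
    List<Map<String, String>> posts = new ArrayList<>();
    try (PreparedStatement ps = con.prepareStatement("SELECT id, title, user FROM posts");
         ResultSet rs = ps.executeQuery()) {
        while (rs.next()) {
            Map<String, String> row = new HashMap<>();
            row.put("id", rs.getString("id"));
            row.put("title", rs.getString("title"));
            row.put("user", rs.getString("user"));
            posts.add(row);
        }
    }
    pageContext.setAttribute("posts", posts);
%>

<h3>List of Posts:</h3>
<table border="1" width="80%">
<c:forEach var="p" items="${posts}">
    <tr>
        <%-- c:out escapes &, <, >, " and ' by default (escapeXml="true"),
             so a stored <script> tag is shown as text instead of executed.
             Inside an HTML attribute the tag's own attributes use single quotes. --%>
        <td><a href="forumposts.jsp?postid=<c:out value='${p.id}'/>"><c:out value="${p.title}"/></a></td>
        <td> - Posted By <c:out value="${p.user}"/></td>
    </tr>
</c:forEach>
</table>
```

The same pattern applies to forumposts.jsp where the `content` column is rendered: pass the row through an attribute and print it with `<c:out>`, never with `out.print(rs.getString(...))`.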
