| 单词 | XSS | ||||||||||||||||
| 释义 | XSS
更多释义 收起释义 例句释义: 跨站脚本,跨站点脚本,跨站脚本攻击 1. So far, we have seen that an XSS attack can take place in a parameter of a GET request that is echoed back to the response by a script. 到此为止,我们已经看到XSS攻击可以出现在用脚本回送响应的GET请求的参数中。 www.ibm.com 2. XSS attacks can be used to steal login information or other sensitive information from visitors to a particular site. 跨站式脚本攻击可以被用来盗取登录信息或者包括访问者的敏感信息或某一特定站点内容。 www.aidaodao.com 3. At the heart of the XSS vulnerability is an application that filters user data improperly once submitted. XSS攻击的核心是一个应用程序,该应用程序可以在用户数据提交之后进行过滤。 www.ibm.com 4. If your Web application does not guard against XSS attacks, the only limit to the harm done is the imagination of the attacker. 如果您的Web应用程序不针对XSS攻击进行保护,则会造成严重的破坏。 www.ibm.com 5. The goal of the XSS attack is to steal the client cookies or any other sensitive information that can identify the client with the Web site. XSS攻击的目的是盗走客户端cookies,或者任何可以用于在Web站点确定客户身份的其他敏感信息。 www.ibm.com 6. As you've seen in the XSS examples, most of the attacks exploit server-side vulnerabilities by injecting malicious scripts. 正如我们在XSS示例中所看到的,大多数的攻击都利用了服务器端的弱点,注入恶意脚本。 www.ibm.com 7. Note: This regular expression should not be used in production environments as it is not secure against XSS attacks. 注意:这个正则表达式不应该使用在生产环境中,因为它对于XSS攻击不安全。 www.ibm.com 8. Cross-site scripting (XSS for short) is one of the most common application-level attacks that hackers use to sneak into Web applications. 跨站脚本攻击(cross-sitescripting,简称XSS),是黑客用来潜入Web应用程序的最普遍的应用程序层攻击之一。 www.ibm.com 9. Cross site scripting (also known as XSS) occurs when a web application gathers malicious data from a user. 当web应用从用户收集恶意数据时,交叉站点脚本(也是所谓的XSS)也就发生了。 english.31931.cn 10. By not fixing an XSS hole this could allow possible user account compromise in portions of your site as they get added or updated. 不补上XSS漏洞,这让可能的用户账户在他们打补丁或升级时危及到你网站的部分安全。 english.31931.cn 1. When an attacker introduces a malicious script to a dynamic form submitted by the user, a cross-site scripting (XSS) attack then occurs. 当攻击者向用户提交的动态表单引入恶意脚本时,就会产生跨站点脚本(XSS)攻击。 www.ibm.com 2. XSS results from malicious scripts being injected into a Web site. XSS由注入Web站点的恶意脚本而导致。 www.ibm.com 3. The following examples are intended to help you recognize the areas that are vulnerable to XSS attack. 下面的例子可以帮助您识别易受XSS攻击的领域。 www.ibm.com 4. Handling XSS can be quite tricky, so I'm going to avoid talking about that here (see the sidebar for useful resources though). 对XSS的处理很有技巧性,所以在这里我不便多讲(不过可以从侧栏找到有用的参考资料)。 www.ibm.com 5. Much like the recent Mikeey worm on Twitter, this XSS issue is a result of poor output filtering. 和最近Twitter上的Mikeey病毒一样,该漏洞也是输出过滤(outputfiltering)处理不当的结果。 www.bing.com 6. Next, I'll briefly talk about the prime result of an XSS intrusion. 接下来,我将简单介绍XSS侵入的主要后果。 www.ibm.com 7. As a countermeasure, review your application logic and eliminate all XSS and CSRF vulnerabilities . 对策是审核你的web应用逻辑来堵上所有的XSS和CSRF漏洞。 www.bing.com 8. If you know nothing about XSS or CSRF , take the time to learn more about these security vulnerabilities. 如果你知道什么的XSS或CSRF的,花时间去学习更多的有关这些安全漏洞。 bluoe.blog.163.com 9. At the core of a traditional XSS attack lies a vulnerable script in the vulnerable site. 传统的XSS攻击的核心处位于脆弱的站点中的脆弱的脚本。 www.ibm.com 10. This piece of code is vulnerable to XSS attacks because no check is made to validate the input. 这段代码很容易受XSS攻击,因为没有进行任何的输入验证。 www.ibm.com 1. In either case, input value validation and sanitization are the key to preventing XSS attacks. 不管怎样,输入值验证和数据消毒(sanitation)是防止XSS攻击的关键因素。 www.ibm.com 2. Dynamic Web sites have a threat that static Web sites don't, called "cross-site scripting, " also known as "XSS. " 动态网站存在着一个称为“跨站点脚本编制”(也称为“XSS”)的威胁,而这是静态网站所没有的。 www.ibm.com 3. This can be a major checkpoint to eliminate XSS attacks. 这是消除XSS攻击的一个重要检查点。 www.ibm.com 4. The XSS vulnerability on the MPAA website was found on the about page where visitors can submit their favorite movie. MPAA网站上的XSS漏洞出现在about页面中,在这个页面中浏览者可以提交他们最喜爱的电影名称。 www.cnbeta.com 5. Simply put, XSS exploits holes in the code to introduce a hacker's executable code into another user's browser session. 简单地说,XSS利用代码中的漏洞来将黑客的可执行代码引入另一个用户的浏览器会话中。 msdn2.microsoft.com 6. A mashup application or page must address CSRF, Ajax vulnerabilities, XSS, and other potential security weaknesses. mashup应用程序或页面必须解决CSRF、Ajax漏洞、XSS和其他潜在的安全漏洞。 www.ibm.com 7. Consult the XSS Prevention Cheat Sheet [REF-16] for more details on the types of encoding and escaping that are needed. 你可以查阅XSS防骗部分(REF-16)来获取更多关于编码类型以及所需要的换码的细节。 www.infoq.com 8. Listing 10 demonstrates how the form could print the results, allowing an XSS attack. 清单10演示了允许XSS攻击的表单如何输出结果。 www.ibm.com 9. You've probably heard this called cross-site scripting (XSS) vulnerabilities. 您可能听说过称为cross-sitescripting(XSS)的漏洞。 www.ibm.com 10. The tld file for our XSS custom tag library, is shown in Listing 1. 清单1显示了我们的XSS定制标记库的tld文件。 www.ibm.com 1. An XSS vulnerability occurs when a user has the ability to inject HTML code into your Web pages. 当用户能够把HTML代码注入到您的Web页面中时,就是出现了XSS漏洞。 www.ibm.com 2. It also describes cross-site scripting (XSS), which has become a popular security buzzword. 它也能描述一个跨站点的脚本语言(XSS),成为一个流行的词语。 www.ibm.com 3. WordPress has detected and fixed a cross-site scripting (XSS) vulnerability. WordPress已经检测并修复了一个跨站式脚本的漏洞。 www.bing.com 4. You can surely protect your pages from XSS, you do so by applying specific measures and sane coding practices. 您完全可以保护自己的页免受XSS攻击,方法是应用特定的措施和合理的编码实践。 msdn2.microsoft.com 5. XSS attacks work by supplying input that a program does not expect and exploiting how it handles rogue input. XSS通过提供程序不期望的输入,然后利用程序对无赖输入的处理方式发动进攻。 www.ibm.com 6. To defend against XSS, you must primarily determine which input is valid and reject all the rest. 要防御XSS,您必须从根本上确定哪些输入是有效的,然后拒绝所有其他输入。 msdn2.microsoft.com 7. Finally, make sure your PHP code is resilient to XSS attacks, form spoofs, and CSRF attacks. 最后,确保PHP代码可以抵抗XSS攻击、表单欺骗和CSRF攻击。 www.ibm.com 8. According to the problem proposed above, this paper makes a research on the server-client cooperation XSS defense method. 为此,提出基于服务器端-客户端协作的跨站脚本攻击防御方法。 www.ecice06.com 9. XSS vulnerabilities represent a large portion of all the documented Web-site vulnerabilities in 2007 (see Resources). XSS漏洞代表2007年所有归档的Web站点的大部分漏洞(请参阅参考资料)。 www.ibm.com 10. Causing the JavaScript pop-up window to emerge usually suffices to demonstrate that a site is vulnerable to an XSS attack. 引发JavaScript弹出窗口的出现通常足够说明该站点容易受到XSS攻击。 www.ibm.com 1. To prevent thefts, you should implement security best practices to prevent XSS, and all of its variations, from succeeding. 为了防止盗窃,您应当实现安全最佳实践来防止XSS及其各变种得手。 msdn2.microsoft.com 2. In addition, a separate cross-site scripting (XSS) vulnerability in Amazon's store allowed the team to hijack an AWS session. 另外,亚马逊商店内一个单独的跨站脚本漏洞允许团队攻击AWS时域。 labs.chinamobile.com 3. Many cross-site scripting (XSS) exploits aim at obtaining the user's cookie. 许多跨站点脚本(XSS)攻击的目的是获得用户的cookie。 www.bing.com 4. It is important to note that XSS is not a vendor-specific issue and doesn't necessarily exploit holes in Internet Explorer. 请务必注意,XSS不是一个特定于供应商的问题,因此并不一定会利用InternetExplorer中的漏洞。 msdn2.microsoft.com 5. Many intrusion vulnerabilities such as SQL injection, CSRF, and XSS are preventable using a comprehensive input-validation framework. 如果使用一个综合的输入验证框架,许多输入漏洞,如SQL注入、CSRF和XSS,都是可以避免的。 www.ibm.com 6. This is a very simple example of a harmless XSS exploitation. 这是一个无害的XSS攻击的简单示例。 www.ibm.com 7. What better name is there for our custom tag library besides naming it XSS? 除了将我们的定制标记库命名为XSS之外,还有什么更好的叫法吗? www.ibm.com 8. Is XSS-11 the reincarnation of a Cold War-era ASAT program? XSS-11是不是冷战时代反卫星计划的翻版? www.bing.com 9. Every month roughly 10-25 XSS holes are found in commercial products and advisories are published explaining the threat. 在商业产品中每月大约有10-25个XSS漏洞被发现,同时出版10-25个报告来解释这种威胁。 english.31931.cn 10. These weaknesses of coding in Web 2. 0 sites are known in the security industry as cross-site scripting, or XSS vulnerabilities. 网络安全业内将Web2.0网站内的这些编码缺陷,称为跨站脚本(XSS)或跨站脚本漏洞。 www.ftchinese.com 1. What loopholes in the code make XSS attacks possible? 代码中的哪些漏洞导致XSS攻击成为可能? msdn2.microsoft.com 2. it's now almost impossible to have an accidental XSS attack. 现在偶然出现一个XSS攻击已经不太可能了。 www.infoq.com 3. Increased protection from attacks such as Cross-site Scripting ( XSS), SQL Injection and Remote File Inclusions ( RFI). 更多的安全防护措施,如跨站脚本(XSS)、SQL注入及远程文件包含(RFI)。 www.infoq.com 4. Checking that a site is secure from XSS attacks is the logical conclusion of securing the site. 检查站点免于遭受XSS攻击是加强站点安全保护的必然结论。 www.ibm.com 5. In many cases CSRF and XSS will help to do so. 在许多情况下,CSRF和XSS都有助于这样做。 www.bing.com 6. The first is by far the most popular: cross-site scripting (XSS). 第一个漏洞是最流行的:跨站脚本编程(cross-sitescripting,XSS)。 www.ibm.com 7. On-demand scripts can include malicious code aimed at exploiting security vulnerabilities such as XSS. 按需脚本可能包含打算攻击XXS等安全漏洞的恶意代码。 www.ibm.com 8. Although it doesn't eliminate all XSS problems, it can alert Web maintainers to inadequacies in a site's security. 虽然它不能消除全部的XSS问题,但它能警告Web维护人员在站点安全性方面存在的不足)。 www.ibm.com 9. What are some links I can visit to help me further understand XSS? 通过哪些链接能帮我对XSS了解的更多? english.31931.cn 10. This can result in all kinds of attacks (similar to XSS), including the theft of sensitive user information. 这样会导致各种类型的攻击(类似于XSS),包括盗取用户的敏感信息。 www.ibm.com 1. For example, if you are filtering for XSS on the web front-end, you must do it for your APIs, preferably with the same tools. 比如说,如果你在web前端过滤XSS,你必须对你的API也这样做,最好是使用同样的工具。 www.infoq.com 2. New malicious uses are being found every day for XSS attacks. 关于XSS攻击的新的恶意使用每天都被发现。 english.31931.cn 3. Guard against Cross-Site Scripting (XSS) vulnerabilities 保护跨站点脚本(Cross-sitescripting,XSS)漏洞 www.ibm.com 4. The following is a checklist of ways for webmasters and developers to prevent XSS attacks 下面是站点管理员和开发人员可用来阻止XSS攻击的检查列表 www.ibm.com 5. Ways to check whether your site is protected from XSS 检查您的站点是否处于XSS攻击保护的方法 www.ibm.com 6. How to secure a site against XSS attacks 如何保护站点不受XSS攻击 www.ibm.com |
||||||||||||||||
| 随便看 |
|
英汉双解词典包含2704715条英汉词条,基本涵盖了全部常用单词的翻译及用法,是英语学习的有利工具。