{"id":280117,"date":"2021-01-13T13:00:31","date_gmt":"2021-01-13T05:00:31","guid":{"rendered":"http:\/\/4563.org\/?p=280117"},"modified":"2021-01-13T13:00:31","modified_gmt":"2021-01-13T05:00:31","slug":"%e6%9c%80%e8%bf%91%e6%92%b8%e4%ba%86%e4%b8%aa-go-%e8%bf%87%e6%bb%a4-xss-%e5%ba%93-go-xss%ef%bc%8c%e5%8f%91%e7%8e%b0%e5%ae%98%e6%96%b9%e5%ba%93%e7%9a%84-regexp-%e6%95%88%e7%8e%87%e6%9c%89%e5%be%85","status":"publish","type":"post","link":"http:\/\/4563.org\/?p=280117","title":{"rendered":"\u6700\u8fd1\u64b8\u4e86\u4e2a go \u8fc7\u6ee4 xss \u5e93 go-xss\uff0c\u53d1\u73b0\u5b98\u65b9\u5e93\u7684 regexp \u6548\u7387\u6709\u5f85\u63d0\u9ad8"},"content":{"rendered":"
\n
\n
\n

\u6700\u8fd1\u64b8\u4e86\u4e2a go \u8fc7\u6ee4 xss \u5e93 go-xss\uff0c\u53d1\u73b0\u5b98\u65b9\u5e93\u7684 regexp \u6548\u7387\u6709\u5f85\u63d0\u9ad8 <\/h1>\n

<\/p>\n

\n
\u8cc7\u6df1\u5927\u4f6c : nodesolar <\/span> <\/i> 3<\/span> <\/div>\n
<\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n
https:\/\/github.com\/feiin\/go-xss \u53d1\u73b0\u5b98\u65b9\u5e93\u7684 regexp \u6548\u7387\u6709\u5f85\u63d0\u9ad8 <\/div>\n
\u5927\u4f6c\u6709\u8a71\u8aaa<\/b> (11<\/span>) <\/div>\n
<\/div>\n<\/p><\/div>\n<\/p><\/div>\n
    \n
  • \n
    \n
    \n
    \u8cc7\u6df1\u5927\u4f6c : maja <\/span> <\/div>\n
    <\/i> <\/span> <\/div>\n<\/p><\/div>\n
    xss \u5e94\u8be5\u5728 render \u7684\u65f6\u5019\u9632\u8303\u800c\u4e0d\u662f input \u3002 <\/div>\n<\/p><\/div>\n<\/li>\n
  • \n
    \n
    \n
    \u8cc7\u6df1\u5927\u4f6c : MonoBiao <\/span> <\/div>\n
    <\/i> <\/span> <\/div>\n<\/p><\/div>\n
    hyperscan ? <\/div>\n<\/p><\/div>\n<\/li>\n
  • \n
    \n
    \n
    \u8cc7\u6df1\u5927\u4f6c : hanssx <\/span> <\/div>\n
    <\/i> <\/span> <\/div>\n<\/p><\/div>\n
    @maja \u50cf\u5bcc\u6587\u672c\u8fd9\u79cd\u9884\u5148\u5c31\u5b9a\u4e49\u597d\u8bed\u4e49\u7684\uff0c\u662f\u4e0d\u662f\u5728 input(source)\u6bd4\u8f83\u597d\u5462 <\/div>\n<\/p><\/div>\n<\/li>\n
  • \n
    \n
    \n
    \u4e3b<\/span> \u8cc7\u6df1\u5927\u4f6c : nodesolar <\/span> <\/div>\n
    <\/i> <\/span> <\/div>\n<\/p><\/div>\n
    \u770b\u9700\u6c42\u4e86 \u6709\u4e9b\u573a\u666f input \u5c31\u8981\u8fc7\u6ee4\u4e0b <\/div>\n<\/p><\/div>\n<\/li>\n
  • \n
    \n
    \n
    \u8cc7\u6df1\u5927\u4f6c : maja <\/span> <\/div>\n
    <\/i> <\/span> <\/div>\n<\/p><\/div>\n
    input \u505a xss filter \u662f\u4e07\u6076\u4e4b\u6e90\u3002<\/p>\n

    \u4f55\u51b5\u7528 regex \u505a xss filter…. <\/p><\/div>\n<\/p><\/div>\n<\/li>\n

  • \n
    \n
    \n
    \u8cc7\u6df1\u5927\u4f6c : reus <\/span> <\/div>\n
    <\/i> <\/span> <\/div>\n<\/p><\/div>\n
    \u6b63\u786e\u505a\u6cd5\u662f\u7528\u6807\u51c6\u5e93\u7684 encoding\/xml\uff0c\u7136\u540e\u7528 Decoder.Token \u8bfb\u51fa token \u6d41\uff0c\u7136\u540e\u8fc7\u6ee4\uff0c\u7136\u540e\u7528 Encoder.EncodeToken \u751f\u6210\u6587\u672c\u3002
    \u7528\u6b63\u5219\u89e3\u6790 html \u662f\u9519\u8bef\u505a\u6cd5\u3002\u8ffd\u6c42\u6027\u80fd\u524d\uff0c\u5148\u4fdd\u8bc1\u6b63\u786e\u6027\u5427\u3002 <\/div>\n<\/p><\/div>\n<\/li>\n
  • \n
    \n
    \n
    \u4e3b<\/span> \u8cc7\u6df1\u5927\u4f6c : nodesolar <\/span> <\/div>\n
    <\/i> <\/span> <\/div>\n<\/p><\/div>\n
    \u4e5f\u4e0d\u662f\u5b8c\u5168\u6b63\u5219\uff0c\u6309\u5b57\u7b26\u5728\u89e3\u6790\u7684. <\/div>\n<\/p><\/div>\n<\/li>\n
  • \n
    \n
    \n
    \u8cc7\u6df1\u5927\u4f6c : keepeye <\/span> <\/div>\n
    <\/i> <\/span> <\/div>\n<\/p><\/div>\n
    go \u7684\u6b63\u5219\u5e93\u8c8c\u4f3c\u4e0d\u652f\u6301 ?! \u8bed\u6cd5\uff0c\u539f\u56e0\u636e\u8bf4\u662f\u56e0\u4e3a\u5f71\u54cd\u6548\u7387.. <\/div>\n<\/p><\/div>\n<\/li>\n
  • \n
    \n
    \n
    \u4e3b<\/span> \u8cc7\u6df1\u5927\u4f6c : nodesolar <\/span> <\/div>\n
    <\/i> <\/span> <\/div>\n<\/p><\/div>\n
    @keepeye \u662f\u7684 re2 \u5f15\u64ce\u4e0d\u652f\u6301 <\/div>\n<\/p><\/div>\n<\/li>\n
  • \n
    \n
    \n
    \u8cc7\u6df1\u5927\u4f6c : Mitt <\/span> <\/div>\n
    <\/i> <\/span> <\/div>\n<\/p><\/div>\n
    xss \u5728\u540e\u7aef\u8fc7\u6ee4\u8fd8\u662f\u5728\u524d\u7aef\u8fc7\u6ee4\u7684\u8bdd\u9898\u53ea\u8981\u4e00\u5f00 \u6bcf\u6b21\u90fd\u80fd\u5435\u8d77\u6765\uff0c\u6211\u662f\u89c9\u5f97\u540e\u7aef\u80fd\u505a\u7684\u592a\u5c11\u4e86\uff0c\u7ed5\u8fc7\u7684\u53ef\u80fd\u6027\u4e5f\u5f88\u5927\uff0c\u524d\u7aef\u53cd\u800c\u6709\u66f4\u591a\u63a7\u5236\u624b\u6bb5 <\/div>\n<\/p><\/div>\n<\/li>\n
  • \n
    \n
    \n
    \u4e3b<\/span> \u8cc7\u6df1\u5927\u4f6c : nodesolar <\/span> <\/div>\n
    <\/i> <\/span> <\/div>\n<\/p><\/div>\n
    @Mitt \u54c8\u54c8\u54c8
    PHP \u662f\u4e16\u754c\u6700\u597d\u7684\u8bed\u8a00. <\/div>\n<\/p><\/div>\n<\/li>\n
  • \n","protected":false},"excerpt":{"rendered":"

    \u6700\u8fd1\u64b8\u4e86\u4e2a go \u8fc7\u6ee4 xss \u5e93…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[],"_links":{"self":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/280117"}],"collection":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=280117"}],"version-history":[{"count":0,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/280117\/revisions"}],"wp:attachment":[{"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=280117"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=280117"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=280117"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}