XSS
"Cross Site Scripting" ¤Îά¡£·Ç¼¨ÈÄ¤Ê¤É¤Ç HTML ¥³¡¼¥É¤òŬÀڤ˥¨¥¹¥±¡¼¥×¤·¤Æ¤¤¤Ê¤¤¾ì¹ç¤ËȯÀ¸¤¹¤ëÀȼåÀ¡£°°Õ¤Î¤¢¤ë JavaScript ¥³¡¼¥É¤ò´Þ¤à¥á¥Ã¥»¡¼¥¸¤òÀȼåÀ¤ò»ý¤Ä¥µ¥¤¥È¤ËÅê¹Æ¤¹¤ë¤è¤¦¤Ê¥ê¥ó¥¯¤òÀßÃÖ¤·¤Æ¤ª¤¯¤³¤È¤Ç¡¢¤½¤ì¤ò¥¯¥ê¥Ã¥¯¤·¤¿¥æ¡¼¥¶¡¼¤Î Cookie ¤Ê¤É¤òÅð¤ß½Ð¤¹¤³¤È¤¬¤Ç¤¤ë¡£¤³¤Î¥ê¥ó¥¯¤ÏÀȼåÀ¤ò»ý¤Ã¤¿¥µ¥¤¥È¤È¤ÏÊ̤ξì½ê¤Ë¤¢¤Ã¤Æ¤â¤è¤¯¡¢¤³¤ì¤¬¡ÖCross Site¡×¤È¤¤¤¦Ì¾Á°¤Î½ê°Ê¡£¤¿¤È¤¨¥æ¡¼¥¶¡¼Ç§¾Ú¤Ê¤É¤ò¤·¤Æ¤¤¤Æ¤â CSRF ¤È¤ÎÁȤ߹ç¤ï¤»¤Ç¹¶·â¤¬À®Î©¤¹¤ë¾ì¹ç¤¬¤¢¤ë¤Î¤ÇÍ×Ãí°Õ¡£ Web ¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤ÇºÇ¤â¤è¤¯¸«¤é¤ì¤ëÀȼåÀ¤Î¤Ò¤È¤Ä¡£
¥¡¼¥ï¡¼¥É
»²¹Í
2007ǯ02·î28Æü(¿å) 12:21:31 Modified by sourcewalker