-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
#java# 规范 HTTP参数污染 增补修订建议 #19
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
如果应用程序未正确校验用户输入的数据,则恶意用户可能会破坏应用程序的逻辑以执行针对客户端或服务器端的攻击。
脆弱代码1:
解决方案1:
脆弱逻辑2:
解决方案2:
The text was updated successfully, but these errors were encountered: