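## 跨站脚本攻击(xss)

1、打开文件 `./index.php`，在第一行加入：

```php
include('./chuanhai_safe.php');
```

2、创建文件 `./chuanhai_safe.php`

3、在文件里面加入以下代码

```php
<?php
/**
 * 川海安全-后盾版 (Chuanhai Safe, Houdun edition)
 *
 * Request filter included at the very top of index.php. It walks $_GET,
 * rejects values that match a character/keyword blacklist, and for the
 * front-end "Index" action additionally HTML-escapes every value and
 * rejects any parameter name that is not on a fixed whitelist. A known
 * scanner marker parameter is rejected on every request. Any hit ends
 * the request with a small JSON body.
 *
 * NOTE(review): a regex blacklist is a coarse safety net that can both
 * over-block legitimate input and miss encoded payloads; it does not
 * replace context-aware output encoding in the templates that render
 * these values. Only $_GET is inspected here; $_POST/$_COOKIE are not.
 *
 * 20200708
 */
class Safe
{
    /** GET parameter names accepted for the front-end Index action. */
    private $get_param = array('a', 'c', 'm', 'mid', 'cid', 'aid', 'page', 'type', 'word');

    // Entry point: run every check.
    public function start()
    {
        $this->xss();
    }

    // xss: blacklist, escaping and whitelist checks over $_GET.
    public function xss()
    {
        // Generic check applied to every request. Nested array parameters
        // (?x[]=...) are flattened to their leaf values so they are inspected
        // too; the old per-key loop handed arrays straight to preg_match(),
        // which skipped them (PHP 7 warning) or crashed (PHP 8 TypeError).
        $pregs = '/document|LF|eval|script|alert|\'|\/\*|\#|\--|\ --|\/|\*|\-|\+|\=|\~|\*@|\*!|\$|\%|\^|\&|\(|\)|\/|\/\/|\.\.\/|\.\/|\>|\</';
        foreach ($this->leaves($_GET) as $v) {
            if (preg_match($pregs, $v)) {
                $this->ajax_return(array('status' => 1, 'message' => 'xss 10001'));
            }
        }

        // Stricter check plus escaping for the front-end Index action.
        if (isset($_GET['a']) && $_GET['a'] === 'Index') {
            $pregs = '/select|insert|update|CR|document|LF|eval|delete|script|alert|\'|\/\*|\#|\--|\ --|\/|\*|\-|\+|\=|\~|\*@|\*!|\$|\%|\^|\&|\(|\)|\/|\/\/|\.\.\/|\.\/|\>|\<|union|into|load_file|outfile/';
            foreach ($this->leaves($_GET) as $v) {
                if (preg_match($pregs, $v)) {
                    $this->ajax_return(array('status' => 1, 'message' => 'xss 10001'));
                }
            }

            // HTML-escape every value, recursing into array parameters.
            $_GET = $this->escape($_GET);

            // Parameter-name whitelist. Strict comparison: PHP turns numeric
            // keys into ints, and a loose in_array() let key 0 match 'a' on
            // PHP < 8, so an unknown numeric parameter slipped through.
            foreach ($_GET as $key => $v) {
                if (!in_array($key, $this->get_param, true)) {
                    $this->ajax_return(array('status' => 1, 'message' => 'xss 10002'));
                }
            }
        }

        // Known web-scanner marker parameter. 20200701
        if ($this->is_input('wvstest')) {
            $this->ajax_return(array('status' => 1, 'message' => 'xss 10003'));
        }
    }

    // Flatten a request value (scalar or nested array) into a list of its
    // scalar leaves as strings. Returns array<int, string>.
    private function leaves($value)
    {
        if (!is_array($value)) {
            return array((string) $value);
        }
        $out = array();
        foreach ($value as $item) {
            foreach ($this->leaves($item) as $leaf) {
                $out[] = $leaf;
            }
        }
        return $out;
    }

    // HTML-escape a request value, preserving array structure and keys.
    // ENT_QUOTES also escapes single quotes; ENT_SUBSTITUTE turns invalid
    // UTF-8 into U+FFFD instead of silently emptying the whole value.
    private function escape($value)
    {
        if (is_array($value)) {
            $out = array();
            foreach ($value as $key => $item) {
                $out[$key] = $this->escape($item);
            }
            return $out;
        }
        return (string) htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    // is input: true when $name is present in $_GET or $_POST.
    private function is_input($name)
    {
        return isset($_GET[$name]) || isset($_POST[$name]);
    }

    // get input: value of $name from $_GET, else $_POST, else ''.
    private function input($name)
    {
        if (isset($_GET[$name])) {
            return $_GET[$name];
        }
        if (isset($_POST[$name])) {
            return $_POST[$name];
        }
        return '';
    }

    // ajax return: emit $data as JSON and stop the request. The message
    // strings are fixed codes, so no request data is reflected back.
    private function ajax_return($data = array())
    {
        if (!headers_sent()) {
            header('Content-Type: application/json; charset=utf-8');
        }
        exit(json_encode($data));
    }
}

$safe = new Safe();
$safe->start();
```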