首页> 外国专利> Systems and methods for analysis of cross-site scripting vulnerabilities

Systems and methods for analysis of cross-site scripting vulnerabilities

机译：分析跨站点脚本漏洞的系统和方法

页面导航

摘要
著录项
相似文献

摘要

A system for detecting XSS vulnerabilities includes determining the context in which a probe supplied as an input to a webpage or an application exists in a script associated with the webpage or application. A payload is generated based on, at least in part, the context such that during execution of the script, an executable code fragment in the payload can escape out of the context in which the probe exists and into a the global context of the script. The payload may include additional characters that prevent the payload from causing errors in the execution of the script.

机译：用于检测XSS漏洞的系统包括确定上下文，在该上下文中，作为与网页或应用程序的输入提供的探针存在于与网页或应用程序关联的脚本中。有效载荷至少部分地基于上下文生成，从而在脚本执行期间，有效载荷中的可执行代码片段可以从存在探针的上下文中逸出并进入脚本的全局上下文。有效负载可以包含其他字符，以防止有效负载在脚本执行中引起错误。

著录项

公开/公告号US10223533B2

专利类型
公开/公告日2019-03-05

原文格式PDF
申请/专利权人 VERACODE INC.;
展开▼

申请/专利号US201414519511
发明设计人 ISAAC M. DAWSON;
展开▼

申请日2014-10-21
分类号G06F21/57;G06F17/30;H04L29/06;
国家 US
入库时间 2022-08-21 12:09:30

相似文献

专利
外文文献
中文文献