基于 python 的 XSS 漏洞检测插件的设计与实现 Design and implementation of XSS vulnerability detection plug-in based on Python摘要XSS 攻击者将恶意脚本写入 Web 应用当中,并且实际执行,恶意脚本在浏览器客户端中也被应用,给用户造成很恶劣的后果。所以本着快速解决因为 XSS 漏洞导致的用户信息泄露的问题,本文根据对XSS 的研究对 XSS 设计了有关 XSS 漏洞修复的一些实际可行的方法和程序,通过研究跨站点脚本的基本原理和相关知识,对客户端进行安全且全面分析,同时会对跨站点脚本攻击信息技术及其基本原理进行了简单介绍。通过设计和实现 XSS 漏洞检测模型去完成 XSS 漏洞相关的检测和修复,成立了不同系统的模块。以及对系统功能和性能测试结果的细化解析,对于 XSS 漏洞检测模型能够生效,实现网站脚本漏洞的修复。并应用了 XSS 的漏洞检测的计算方案,完成了对 XSS 漏洞检测的研究。在实验开发中实现对 XSS 漏洞的相关问题,验证了 XSS 漏洞检测插件能够解决 XSS 漏洞相关问题,具有显著优势。关键词:XSS 漏洞;Python;插件;漏洞检测Abstract The XSS attacker writes the malicious script into the Web application and actually executes it. The malicious script is also applied in the browser client, resulting in very bad consequences for the user. So in a quick fix for XSS holes caused by user information leakage problem, in this paper, based on the study of XSS for XSS design about XSS holes to repair some of the practical ways and procedures, through the study and the related knowledge, the basic principle of cross-site scripting security for the client is analyzed, at the same time to cross-site scripting attacks of information technology and its basic principle has carried on the simple introduction. Through the design and implementation of XSS vulnerability detection model to complete XSS vulnerability related detection and repair, set up different system modules. As well as the detailed analysis of system function and performance test re...
