%0 Journal Article
%T 基于代理的跨站脚本攻击防御研究<br>Research on Cross-Site Scripting Attack Defense Based on Proxy
%A 严芬
%A 郭彩霞
%A 乔涛
%J Computer Science and Application
%P 1061-1071
%@ 2161-881X
%D 2019
%I Hans Publishing
%R 10.12677/CSA.2019.96120
%X <div style=\"text-align:justify;\">
	<span style=\"font-size:14px;\">在网络安全领域中，跨站脚本攻击已经是最严重的安全问题之一。本文在深入研究跨站脚本攻击方式的基础上，提出了一种基于代理的跨站脚本防御框架。该框架部署在客户端和服务器端之间，利用算法对通信数据进行深度分析和过滤，从而对跨站脚本进行有效的防御。实验证明设计的框架不仅能对跨站脚本攻击进行有效的防御，而且可以对合法标签进行放行，为用户提供良好的访问体验。<br />
In the field of network security, cross site scripting is one of the most destructive security problems. This paper puts forward a kind of XSS defense framework based on agent after an indepth study of XSS attack mode. The framework is deployed between the client and the server, and the framework analyzes and filters the data by intercepting the communication data between the client and server using the algorithm. The evaluation shows that it can not only effectively defense against XSS attacks, but also provide a good experience for the user through the release of legitimate tags.</span> 
</div>
%K 跨站脚本攻击，防御，Web安全<br>XSS
%K Defense
%K Web Security
%U http://www.hanspub.org/journal/PaperInformation.aspx?PaperID=30813