XSS attack in react

InfoQ 2021-05-03 07:47:41
xss attack react


{"type":"doc","content":[{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":" Preface "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":" The front end usually faces XSS Such security risks , But as the React The popularity of modern front-end framework , So that we don't have to pay too much attention to security issues in normal development . With React For example ,React From the design level, it has a good defense XSS The ability of . This article will be from the perspective of source code , have a look React What has been done to achieve this security ."}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"XSS What is the attack "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Cross-Site Scripting( Cross-site scripting attacks ) abbreviation XSS, It's a code injection attack .XSS An attack usually refers to the exploitation of a vulnerability in a web page , The attacker injects XSS Code to web page , Because browsers can't tell which scripts are trustworthy , Lead to XSS The script is executed .XSS Scripts are usually able to steal user data and send it to the attacker's website , Or pretend to be a user , Call the target website interface and perform the operation specified by the attacker ."}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"XSS Attack types "}]},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":" reflective 
XSS"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"XSS The script comes from the current HTTP request "}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":" When the server is HTTP Receive the data in the request and splice the data in HTML When returning from , Example :"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"javascript"},"content":[{"type":"text","text":"\/\/  A website has a search function , This function passes through URL Parameter to receive the search term provided by the user :\nhttps:\/\/xxx.com\/search?query=123\n\/\/  The server is working on this URL Echo the search terms provided in the response of :\n

You are searching for : 123<\/p>\n\/\/  If the server does not escape the data, etc , Then the attacker can construct the following link to attack :\nhttps:\/\/xxx.com\/search?query=\n\/\/  The URL Will result in the following response , And run alert('xss'):\n

You are searching for : <\/p>\n\/\/  If a user requests the attacker's URL , The script provided by the attacker will be executed in the user's browser ."}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":" Storage type XSS"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"XSS The script comes from the server database "}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":" The attacker submits the malicious code to the database of the target website , When ordinary users visit the website, the server will return malicious code , The browser defaults to , Example :"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"javascript"},"content":[{"type":"text","text":"\/\/  A comment page , Can view user reviews .\n\/\/  Attackers submit malicious code as comments , The server didn't process the data such as escaping \n\/\/  Comment input :\n
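The reflected search echo from the example above, as an added example that is not part of the original article: a Node.js rendering of the vulnerable string splice beside an HTML-escaped version, which is the "escape the data" fix the text refers to. The function names and the percent-encoded sample URL are constructed for this example; xxx.com is the article's placeholder host.

```javascript
// Added example (not the article's code). Models the /search endpoint from the
// reflected-XSS section: one builder splices the query into HTML unescaped, the
// other HTML-escapes it first. Function names are assumptions made here.

// Escape the five characters that can change HTML structure or close an
// attribute value. Correct for text content and quoted attribute values only;
// it is not sufficient for inserting data into <script> blocks or URLs.
function escapeHtml(input) {
  return String(input)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable: the user-controlled query lands in the response as markup.
function renderSearchUnsafe(query) {
  return `<p>You are searching for: ${query}</p>`;
}

// Hardened: the query is rendered as text, so a tag inside it stays a literal string.
function renderSearchSafe(query) {
  return `<p>You are searching for: ${escapeHtml(query)}</p>`;
}

// Extract the query parameter the way the endpoint would; URLSearchParams
// percent-decodes it, so the server sees the raw characters the attacker sent.
function queryFromUrl(url) {
  return new URL(url).searchParams.get('query') || '';
}

// Crude response check: does the rendered HTML still contain a <script> tag or an
// on* event-handler attribute? True means the output encoding failed.
function containsActiveMarkup(html) {
  return /<script\b|\son\w+\s*=/i.test(html);
}

// Constructed sample: the benign search from the article and the alert('xss')
// payload it describes, percent-encoded as a browser would send it.
function demo() {
  const benign = queryFromUrl('https://xxx.com/search?query=123');
  const hostile = queryFromUrl("https://xxx.com/search?query=%3Cscript%3Ealert('xss')%3C/script%3E");
  return {
    unsafeActive: containsActiveMarkup(renderSearchUnsafe(hostile)), // true
    safeActive: containsActiveMarkup(renderSearchSafe(hostile)),     // false
    safeBenign: renderSearchSafe(benign),
    safeHostile: renderSearchSafe(hostile),
  };
}
```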