Different types of XSS attacks

What are the types of XSS attacks? Specific code examples are required

With the rapid development of the Internet, Web applications play an increasingly important role. However, web security threats are also increasing, among which XSS (cross-site scripting attack) is one of the most common types of attacks. XSS attacks refer to injecting malicious scripts into web pages. When users visit the web page, the scripts will be executed in the user's browser, causing information leakage or attacks.

XSS attacks can be divided into three types: stored XSS, reflected XSS and DOM-based XSS. The three types will be introduced in detail below, and specific code examples will be provided for demonstration.

1. Stored XSS

Stored XSS means that the malicious script is stored on the target server, and when the user accesses the page containing the script, the script will be executed. Attackers usually inject through input boxes, message boards and other places where users can input.

The following is a sample code for stored XSS:

<script>
    var maliciousScript = "<script>alert('存储型XSS攻击！')</script>";
    // 将恶意脚本存储到数据库中
    saveToDatabase(maliciousScript);
</script>

The above code stores the malicious script in the database and will later be retrieved from the database and executed when the page is loaded.

2. Reflected XSS

Reflected XSS means that malicious scripts are passed to the target website through the URL. The website inserts the script into the page when processing the URL, and then Return to user. When a user clicks on a URL containing a malicious script, the script is executed in the user's browser.

The following is a sample code for reflected XSS:

<!-- 假设这是一个搜索页面 -->
<input type="text" name="keyword" value="<?php echo $_GET['keyword']; ?>">
<!-- 将用户输入的值直接输出到页面上，存在XSS风险 -->
<script>
    var keyword = "<?php echo $_GET['keyword']; ?>";
    document.write("搜索结果：" + keyword);
</script>

In the above code, the user's search keywords are passed to the server through URL parameters, and the server inserts the keywords into the page HTML, and Return to user. If the keyword entered by the user maliciously contains a script, the script will be executed.

3. DOM-based XSS

DOM-based XSS is an XSS attack method based on DOM operations. The attacker implements the attack by modifying the DOM structure of the page, rather than modifying the content returned by the server like stored and reflected XSS.

The following is a sample code for DOM-based XSS:

<!-- 假设这是一个计算器页面 -->
<input type="text" id="number1" value="0">
<input type="text" id="number2" value="0">
<button onclick="calculate()">计算</button>
<!-- 将用户输入的值直接输出到页面上，存在XSS风险 -->
<script>
    function calculate() {
        var num1 = document.getElementById("number1").value;
        var num2 = document.getElementById("number2").value;
        var result = num1 + num2; // 用户输入可能包含恶意脚本
        document.getElementById("result").innerText = "计算结果：" + result;
    }
</script>

In the above code, the number entered by the user will be output directly to the page. If the value entered by the user maliciously contains a script , then the script will be executed.

In actual development, in order to prevent XSS attacks, we can take the following measures: input verification and filtering of user input, HTML encoding of the output, etc.

In short, XSS attacks are divided into three types: stored XSS, reflected XSS and DOM-based XSS. Understanding these attack types and corresponding defenses is critical to securing your web applications. At the same time, developers should always remain vigilant to discover and repair potential XSS vulnerabilities in a timely manner to ensure the security of web applications.

The above is the detailed content of Different types of XSS attacks. For more information, please follow other related articles on the PHP Chinese website!