ホームページ  >  記事  >  バックエンド開発  >  XSS 用の PHP セキュリティ フィルタリング方法

XSS 用の PHP セキュリティ フィルタリング方法

墨辰丷
墨辰丷オリジナル
2018-06-08 10:49:153278ブラウズ

本篇文章主要介绍php针对XSS进行安全过滤的方法,感兴趣的朋友参考下,希望对大家有所帮助。

具体如下:

function remove_xss($val) {
  // remove all non-printable characters. CR(0a) and LF(0b) and TAB(9) are allowed
  // this prevents some character re-spacing such as <java\0script>
  // note that you have to handle splits with \n, \r, and \t later since they *are* allowed in some inputs
  $val = preg_replace(&#39;/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/&#39;, &#39;&#39;, $val);
  // straight replacements, the user should never need these since they&#39;re normal characters
  // this prevents like <IMG SRC=@avascript:alert(&#39;XSS&#39;)>
  $search = &#39;abcdefghijklmnopqrstuvwxyz&#39;;
  $search .= &#39;ABCDEFGHIJKLMNOPQRSTUVWXYZ&#39;;
  $search .= &#39;1234567890!@#$%^&*()&#39;;
  $search .= &#39;~`";:?+/={}[]-_|\&#39;\\&#39;;
  for ($i = 0; $i < strlen($search); $i++) {
   // ;? matches the ;, which is optional
   // 0{0,7} matches any padded zeros, which are optional and go up to 8 chars
   // @ @ search for the hex values
   $val = preg_replace(&#39;/([xX]0{0,8}&#39;.dechex(ord($search[$i])).&#39;;?)/i&#39;, $search[$i], $val); // with a ;
   // @ @ 0{0,7} matches &#39;0&#39; zero to seven times
   $val = preg_replace(&#39;/(�{0,8}&#39;.ord($search[$i]).&#39;;?)/&#39;, $search[$i], $val); // with a ;
  }
  // now the only remaining whitespace attacks are \t, \n, and \r
  $ra1 = array(&#39;javascript&#39;, &#39;vbscript&#39;, &#39;expression&#39;, &#39;applet&#39;, &#39;meta&#39;, &#39;xml&#39;, &#39;blink&#39;, &#39;link&#39;, &#39;style&#39;, &#39;script&#39;, &#39;embed&#39;, &#39;object&#39;, &#39;iframe&#39;, &#39;frame&#39;, &#39;frameset&#39;, &#39;ilayer&#39;, &#39;layer&#39;, &#39;bgsound&#39;, &#39;title&#39;, &#39;base&#39;);
  $ra2 = array(&#39;onabort&#39;, &#39;onactivate&#39;, &#39;onafterprint&#39;, &#39;onafterupdate&#39;, &#39;onbeforeactivate&#39;, &#39;onbeforecopy&#39;, &#39;onbeforecut&#39;, &#39;onbeforedeactivate&#39;, &#39;onbeforeeditfocus&#39;, &#39;onbeforepaste&#39;, &#39;onbeforeprint&#39;, &#39;onbeforeunload&#39;, &#39;onbeforeupdate&#39;, &#39;onblur&#39;, &#39;onbounce&#39;, &#39;oncellchange&#39;, &#39;onchange&#39;, &#39;onclick&#39;, &#39;oncontextmenu&#39;, &#39;oncontrolselect&#39;, &#39;oncopy&#39;, &#39;oncut&#39;, &#39;ondataavailable&#39;, &#39;ondatasetchanged&#39;, &#39;ondatasetcomplete&#39;, &#39;ondblclick&#39;, &#39;ondeactivate&#39;, &#39;ondrag&#39;, &#39;ondragend&#39;, &#39;ondragenter&#39;, &#39;ondragleave&#39;, &#39;ondragover&#39;, &#39;ondragstart&#39;, &#39;ondrop&#39;, &#39;onerror&#39;, &#39;onerrorupdate&#39;, &#39;onfilterchange&#39;, &#39;onfinish&#39;, &#39;onfocus&#39;, &#39;onfocusin&#39;, &#39;onfocusout&#39;, &#39;onhelp&#39;, &#39;onkeydown&#39;, &#39;onkeypress&#39;, &#39;onkeyup&#39;, &#39;onlayoutcomplete&#39;, &#39;onload&#39;, &#39;onlosecapture&#39;, &#39;onmousedown&#39;, &#39;onmouseenter&#39;, &#39;onmouseleave&#39;, &#39;onmousemove&#39;, &#39;onmouseout&#39;, &#39;onmouseover&#39;, &#39;onmouseup&#39;, &#39;onmousewheel&#39;, &#39;onmove&#39;, &#39;onmoveend&#39;, &#39;onmovestart&#39;, &#39;onpaste&#39;, &#39;onpropertychange&#39;, &#39;onreadystatechange&#39;, &#39;onreset&#39;, &#39;onresize&#39;, &#39;onresizeend&#39;, &#39;onresizestart&#39;, &#39;onrowenter&#39;, &#39;onrowexit&#39;, &#39;onrowsdelete&#39;, &#39;onrowsinserted&#39;, &#39;onscroll&#39;, &#39;onselect&#39;, &#39;onselectionchange&#39;, &#39;onselectstart&#39;, &#39;onstart&#39;, &#39;onstop&#39;, &#39;onsubmit&#39;, &#39;onunload&#39;);
  $ra = array_merge($ra1, $ra2);
  $found = true; // keep replacing as long as the previous round replaced something
  while ($found == true) {
   $val_before = $val;
   for ($i = 0; $i < sizeof($ra); $i++) {
     $pattern = &#39;/&#39;;
     for ($j = 0; $j < strlen($ra[$i]); $j++) {
      if ($j > 0) {
        $pattern .= &#39;(&#39;;
        $pattern .= &#39;([xX]0{0,8}([9ab]);)&#39;;
        $pattern .= &#39;|&#39;;
        $pattern .= &#39;|(�{0,8}([9|10|13]);)&#39;;
        $pattern .= &#39;)*&#39;;
      }
      $pattern .= $ra[$i][$j];
     }
     $pattern .= &#39;/i&#39;;
     $replacement = substr($ra[$i], 0, 2).&#39;<x>&#39;.substr($ra[$i], 2); // add in <> to nerf the tag
     $val = preg_replace($pattern, $replacement, $val); // filter out the hex tags
     if ($val_before == $val) {
      // no replacements were made, so exit the loop
      $found = false;
     }
   }
  }
  return $val;
}

总结:以上就是本篇文的全部内容,希望能对大家的学习有所帮助。

相关推荐:

PHP脚本的测试方法及实例

PHP生成csv文件并下载及问题解决

php三种递归函数实现方法

以上がXSS 用の PHP セキュリティ フィルタリング方法の詳細内容です。詳細については、PHP 中国語 Web サイトの他の関連記事を参照してください。

声明:
この記事の内容はネチズンが自主的に寄稿したものであり、著作権は原著者に帰属します。このサイトは、それに相当する法的責任を負いません。盗作または侵害の疑いのあるコンテンツを見つけた場合は、admin@php.cn までご連絡ください。