search

Home  >  Q&A  >  body text

java - 在控制器使用解码为什么会引起安全性问题?

URLDecoder.decode这句话为什么会被安全测试工具测到了造成了注入攻击?

大家讲道理大家讲道理2890 days ago356

reply all(1)I'll reply

  • 阿神

    阿神2017-04-17 17:50:04

    It should not be an injection attack caused by this sentence itself. It should be that the result after you decode the URL contains injectable parameters. Specific suggestions are to post some code and debugging logs

    reply
    0
  • Cancelreply