{"width":"100%","published":"2011-06-07 02:19:42","version":"1.0","blog_url":"https://blog.kyanny.me/","html":"","author_name":"a666666","image_url":null,"height":"190","type":"rich","blog_title":"@kyanny's blog","url":"https://blog.kyanny.me/entry/20110607/1307467182","title":"4. Web\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u6a5f\u80fd\u5225\u306b\u898b\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d0\u30b0 (4.5 \u300c\u91cd\u8981\u306a\u51e6\u7406\u300d\u306e\u969b\u306b\u6df7\u5165\u3059\u308b\u8106\u5f31\u6027)","categories":["\u8aad\u66f8","\u4f53\u7cfb\u7684\u306b\u5b66\u3076 \u5b89\u5168\u306aWeb\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u4f5c\u308a\u65b9","wasbook"],"description":"\u3044\u308f\u3086\u308b CSRF \u306e\u8a71\u3002 CSRF Cross-Site Request Forgeries \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u6b63\u898f\u306e\u5229\u7528\u8005\u306e\u6a29\u9650\u3067\u3001\u610f\u56f3\u305b\u305a\u91cd\u8981\u306a\u51e6\u7406\u3078\u306e\u30ea\u30af\u30a8\u30b9\u30c8\u304c\u767a\u884c\u3055\u308c\u3001\u60aa\u7528\u3055\u308c\u308b\uff08\u4f8b: \u306f\u307e\u3061\u3061\u3083\u3093\u300c\u3053\u3093\u306b\u3061\u306f\u3053\u3093\u306b\u3061\u306f!!\u300d\uff09 XSS \u3068\u306f\u9055\u3044\u76f4\u63a5\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u500b\u4eba\u60c5\u5831\u3084\u30bb\u30c3\u30b7\u30e7\u30f3 Cookie \u306e\u3088\u3046\u306a\u60c5\u5831\u3092\u653b\u6483\u8005\u304c\u77e5\u308a\u5f97\u308b\u3082\u306e\u3067\u306f\u306a\u3044 \u7f60\u306e HTML \u306e\u4f8b