{"version":"1.0","provider_url":"https://hatena.blog","categories":["Security"],"url":"https://blog.ts5.me/entry/20070405/1175793322","author_name":"teracc","title":"HDIV (Http Data Integrity Validator)","height":"190","width":"100%","image_url":null,"blog_url":"https://blog.ts5.me/","author_url":"https://blog.hatena.ne.jp/teracc/","blog_title":"teracc\u2019s blog","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fblog.ts5.me%2Fentry%2F20070405%2F1175793322\" title=\"HDIV (Http Data Integrity Validator) - teracc\u2019s blog\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","description":"I learned about this on the WebAppSec mailing list: there is apparently a Struts extension called HDIV. HDIV seems to have a variety of features: Integrity: detects tampering with hidden field values, the values that pull-downs and radio buttons can take, links, cookies, and so on. Confidentiality: a feature that conceals data appearing in the HTML. The example given rewrites the link URL http://www.host.com?data1=12&data2=24 in the HTML to http://www.host.com?data1=0&data2=1. Validation: automatically validates values from text boxes and the like. XSS and SQL injection\u2026","provider_name":"Hatena Blog","type":"rich","published":"2007-04-05 02:15:22"}