-
公开(公告)号:US20150319189A1
公开(公告)日:2015-11-05
申请号:US14709003
申请日:2015-05-11
Applicant: Amazon Technologies, Inc.
CPC classification number: H04L63/08 , G06F21/55 , H04L29/06 , H04L63/123 , H04L63/1466 , H04L67/02
Abstract: Methods and systems for protecting websites from cross-site scripting are disclosed. A request for a web page comprising a web page element is received from a client. It is determined if the web page comprises a data integrity token for the web page element. It is also determined if a value of the data integrity token matches an expected value. If the web page comprises the data integrity token and if the value matches the expected value, the web page comprising the web page element is sent to the client. If the web page does not comprise the data integrity token or if the value does not match the expected value, a protective operation is performed.
Abstract translation: 披露了用于保护网站免受跨站脚本影响的方法和系统。 从客户端接收到包括网页元素的网页的请求。 确定网页是否包括网页元素的数据完整性令牌。 还确定数据完整性令牌的值是否与预期值相匹配。 如果网页包括数据完整性令牌,并且如果该值与期望值匹配,则包含网页元素的网页被发送到客户端。 如果网页不包含数据完整性令牌,或者如果该值与预期值不匹配,则执行保护操作。
Search Results
1
records
(took 0.011 seconds)
