I care a great deal about the security of the web applications I build, so I have been using various tools to crawl each of my applications. Although I have done everything that can be done programmatically and that off-the-shelf classes such as Active Record did not anticipate, I still keep getting an alert for one issue, and I do not know where to begin fixing it. I am running Unicorn, which sits behind Nginx and Rails 4.1. The alert I keep getting is:

An attacker can manipulate the Host header as seen by the
web application and cause the application to behave in
unexpected ways. Developers often resort to the exceedingly
untrustworthy HTTP Host header (_SERVER["HTTP_HOST"] in PHP).
Even otherwise-secure applications trust this value enough to
write it to the page without HTML-encoding it with code equivalent to:
<link href="https://_SERVER['HOST']" (Joomla)
...and append secret keys and tokens to links containing it:
(Django, Gallery, others)
....and even directly import scripts from it:
(Various)
Here is the suggested remediation:
The web application should use the SERVER_NAME instead
of the Host header. It should also create a dummy vhost
that catches all requests with unrecognized Host headers.
This can also be done under Nginx by specifying a non-wildcard
SERVER_NAME, and under Apache by using a non-wildcard serverName
and turning the UseCanonicalName directive on. Consult references
for detailed information.
Sure, whatever. As I understand it, this vulnerability is generally harmless, but it can be harmful in some kinds of web application.
What do you need to do to stop this attack? Any advice is appreciated.
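An added example, not part of the question above and not code from Rails, Unicorn or Nginx: a small Rack middleware that enforces a Host allow-list inside the Rails 4.1 application itself, complementing the catch-all Nginx vhost the alert recommends. The allowed hostnames, the `status_for` helper and the middleware insertion point are assumptions.

```ruby
# Added example, not code from the question or from Rails: a Rack
# middleware for a Rails 4.1 app that rejects requests whose effective
# host is not on an explicit allow-list. Rails 4.1 has no built-in host
# authorisation, so this complements the Nginx catch-all vhost.
class HostAuthorization
  def initialize(app, allowed)
    @app = app
    @allowed = allowed.map(&:downcase)   # exact hostnames, case-insensitive
  end

  def call(env)
    host = effective_host(env)
    return reject unless host && allowed?(host)
    @app.call(env)
  end

  private

  # Mirrors how Rails 4.1 picks request.host: the last X-Forwarded-Host
  # entry wins when that header is present, otherwise the Host header.
  def effective_host(env)
    fwd = env['HTTP_X_FORWARDED_HOST']
    fwd && !fwd.empty? ? fwd.split(/,\s?/).last : env['HTTP_HOST']
  end

  def allowed?(value)
    host = value.strip.downcase.sub(/:\d+\z/, '')   # drop any :port suffix
    !host.empty? && @allowed.include?(host)
  end

  def reject
    [400, { 'Content-Type' => 'text/plain' }, ["Bad Request: unrecognised Host\n"]]
  end
end

# In config/application.rb (assumed placement, first in the stack):
#   config.middleware.insert_before 0, HostAuthorization, %w[example.com www.example.com]

# Minimal inline app so the middleware can be exercised without Rails.
ALLOWED_HOSTS = %w[example.com www.example.com]   # constructed placeholders
INNER_APP = ->(_env) { [200, { 'Content-Type' => 'text/plain' }, ['ok']] }
GUARDED_APP = HostAuthorization.new(INNER_APP, ALLOWED_HOSTS)

# Build a bare Rack env by hand and return the status the stack answers with.
def status_for(host, forwarded: nil)
  env = { 'REQUEST_METHOD' => 'GET', 'PATH_INFO' => '/', 'HTTP_HOST' => host }
  env['HTTP_X_FORWARDED_HOST'] = forwarded if forwarded
  GUARDED_APP.call(env).first
end
```

Because the check mirrors the header precedence Rails uses, a request that Nginx forwards with an attacker-controlled X-Forwarded-Host is rejected even when its Host header is legitimate.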