[TOC]
Resources
<白帽子讲Web安全> (book; the title translates as "White Hats Talk Web Security")
Web security @MDN
https://developer.mozilla.org/en-US/docs/Web/Security
OWASP Cheat Sheet Series
https://cheatsheetseries.owasp.org/index.html
Cross-site scripting @Google
https://www.google.com/about/appsecurity/learning/xss/index.html
Using HTTP cookies
https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie
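Detailed cookie usage, including some security-related options
Front-End Security series @Meituan Tech Team
https://juejin.im/post/5bad9140e51d450e935c6d64
=> xss-game -> answer
Basic requirements
Same-origin policy
host (domain name or IP)
subdomain
port
protocol (https, http, ftp…)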
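
The four components listed above decide whether two URLs share an origin. The following is an added example, not part of the original notes: it uses the standard `URL` parser to report which component differs. The function names `originParts` and `compareOrigins` and all sample URLs are constructed for illustration.

```javascript
// Added example (not from the original notes): which origin component differs?
// All URLs below are constructed samples.

function originParts(urlString) {
  const u = new URL(urlString);
  return {
    protocol: u.protocol, // e.g. "https:"
    host: u.hostname,     // domain name or IP, lower-cased by the parser
    port: u.port,         // "" when the scheme's default port is used
  };
}

function compareOrigins(a, b) {
  const pa = originParts(a);
  const pb = originParts(b);
  const differs = [];
  if (pa.protocol !== pb.protocol) differs.push("protocol");
  if (pa.host !== pb.host) {
    // A parent domain and its subdomain are still different hosts.
    const nested =
      pa.host.endsWith("." + pb.host) || pb.host.endsWith("." + pa.host);
    differs.push(nested ? "subdomain" : "host");
  }
  if (pa.port !== pb.port) differs.push("port");
  return { sameOrigin: differs.length === 0, differs };
}

const base = "http://store.example.com/dir/page.html";
const samples = [
  "http://store.example.com/dir2/other.html",  // path only: same origin
  "http://store.example.com:80/dir/page.html", // explicit default port: same
  "https://store.example.com/dir/page.html",   // protocol
  "http://store.example.com:81/dir/page.html", // port
  "http://example.com/dir/page.html",          // parent domain
  "http://192.0.2.10/dir/page.html",           // IP instead of domain name
];
for (const s of samples) {
  const r = compareOrigins(base, s);
  console.log(s, "->", r.sameOrigin ? "same origin" : "differs: " + r.differs.join(", "));
}
```

The path never takes part in the comparison, and an explicit default port (`:80` for http) compares equal to an omitted one.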