我在checkmarx中收到代碼爲windw.location.toString()
的錯誤什麼是最好的防止此錯誤?如何在使用window.location.toString()時防止XSS攻擊
錯誤:
method at line 74 gets user input for the toString() element. the elements value then flows thrugh client side code without being properly sanitized or validated and is eventually displayed to the user in line 80. this may enable t dom css attack.
包括相關的代碼行,其中錯誤發生......和完整的錯誤信息。 –