论文部分内容阅读
随着基于web2.0的互联网应用的广泛使用,web的安全问题也日益突显,根据OWASP的2013和2017的调查,其中注入攻击一直排名第一。本文意在对SQL注入的常用方法进行列举,系统的分析了SQL注入的原理,从而对SQL注入漏洞提出了一些基本的防御策略。
With the widespread use of web 2.0-based Internet applications, the web security issue is also increasingly prominent, according to OWASP 2013 and 2017 survey, which has been the injection attack ranked first. This article is intended to enumerate the common methods of SQL injection, the system analysis of the principle of SQL injection, SQL injection vulnerability thus proposed some basic defense strategy.