Bypassing a whitelist check built on PHP parse_url
2022-07-28 14:15:00 【[email protected]】
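$host = parse_url($url, PHP_URL_HOST);
// Whitelist check on the host that parse_url() extracted
if (!in_array($host, [
    'xxx.xxx',
])) {
    exit('host not in whitelist'); // placeholder: reject the request
}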
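Consider a check like the one above, which tests whether the URL's host is in a whitelist. It can be bypassed with a URL of the form http://[email protected]: parse_url() parses the host of http://[email protected] as xxx.xxx, but when a browser visits the URL, the \ character is turned into /, so the browser's host ends at the backslash and the whitelist check is bypassed.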
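A stricter version of the check, as an added example that is not part of the original post. The function name is_allowed_url, the host other.example and the sample URLs are assumptions constructed for illustration; the function rejects backslashes, control characters and userinfo before comparing the host, which removes the inputs on which parse_url() and a browser disagree in the way described above.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not from the original post): true only for an http(s)
// URL whose host is in $allowed and that a browser will read the same way.
function is_allowed_url(string $url, array $allowed): bool
{
    // Browsers rewrite "\" to "/" and drop tabs/newlines, so a URL containing
    // them is not the URL the browser will actually load. Reject it outright.
    if (preg_match('/[\\\\\x00-\x20\x7f]/', $url) === 1) {
        return false;
    }

    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false; // unparsable, relative, or host-less URL
    }

    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }

    // "user:pass@" is what lets text in front of "@" pose as something else;
    // a redirect or fetch target has no need for it.
    if (isset($parts['user']) || isset($parts['pass'])) {
        return false;
    }

    // Strict, case-insensitive comparison against the whitelist
    return in_array(strtolower($parts['host']), $allowed, true);
}

// Constructed sample inputs. "xxx.xxx" is the page's placeholder host;
// "other.example" is made up for this example.
$allowed = ['xxx.xxx'];
$samples = [
    'http://xxx.xxx/path',             // plain whitelisted host
    'http://other.example\\@xxx.xxx',  // backslash inside the authority
    'http://other.example@xxx.xxx/',   // userinfo in front of the host
    'http://other.example/',           // host not in the whitelist
    'ftp://xxx.xxx/file',              // scheme other than http(s)
];
foreach ($samples as $u) {
    printf("%-34s %s\n", $u, is_allowed_url($u, $allowed) ? 'allow' : 'reject');
}
```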
Copyright notice
This article was written by [[email protected]]. Please include a link to the original when reposting. Thanks.
https://blog.csdn.net/qq_38641816/article/details/108380321