Network security - record web vulnerability fixes
2022-07-05 04:09:00 【Sun batian】
Background
Recently the government has been organizing security testing of network systems, and the scan found vulnerabilities in the front end of a system developed by our company, which had to be fixed.
The front end is developed with the Vue framework and deployed with nginx.
Vulnerabilities
As shown in the figure, the scan found eight vulnerabilities in total, two of which are rated medium severity.
Fixing the problems
CORS trusts any origin
Harm
User information may be stolen: an attacker can set up another site and, through cross-origin resource access, read any of the user's information on this site.
Through a series of cross-origin requests the attacker can also impersonate the user and silently operate on this site's content.
Fix
Before the fix, the request response was as follows
This is because my nginx was configured to allow cross-origin requests; by default nginx sends no CORS headers, so cross-origin access is not allowed.
The faulty configuration is as follows
server {
    listen 8071;
    listen [::]:8071;
    server_name test;   # the site's domain name

    location / {
        # Reflecting $http_origin while allowing credentials is what the scanner flagged
        add_header 'Access-Control-Allow-Origin' $http_origin;
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Max-Age' 1728000;
            add_header 'Content-Type' 'text/plain; charset=utf-8';
            add_header 'Content-Length' 0;
            return 204;
        }
        root E:/data/vue/zrzy;           # the dist directory produced by the Vue build (/vue/dist/)
        try_files $uri $uri/ @router;    # fall through to @router below, otherwise 404
        index index.html index.htm;
    }

    # Target of @router above: Vue routes are not real paths, so the file is not found;
    # rewrite to index.html and let the front-end router handle the path
    location @router {
        rewrite ^.*$ /index.html last;
    }
}
Change the configuration to the following (the CORS headers are simply removed)
server {
    listen 8071;
    listen [::]:8071;
    server_name zrzyweb;   # the site's domain name

    location / {
        root E:/data/vue/zrzy;           # the dist directory produced by the Vue build (/vue/dist/)
        try_files $uri $uri/ @router;    # fall through to @router below, otherwise 404
        index index.html index.htm;
    }

    # Target of @router above: Vue routes are not real paths, so the file is not found;
    # rewrite to index.html and let the front-end router handle the path
    location @router {
        rewrite ^.*$ /index.html last;
    }
}
After the fix, the response is as follows
SourceMap file leak
Harm
- The site's source code may be leaked
- Sensitive information may be disclosed
- The attacker gains more information, which expands the attack surface
Fix
This happens because SourceMap generation was not turned off when building with Vue; SourceMaps normally exist to make debugging convenient during development.
Here it is enough to edit vue.config.js and add productionSourceMap: false.
module.exports = {
    productionSourceMap: false,
}
After the change, the source code can no longer be seen once the build is deployed; everything is minified.
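To verify that a build really ships without source maps, the following check, added here as an example and not part of the original post, walks a dist directory and reports both shipped .map files and sourceMappingURL comments inside .js/.css files (a map can also be embedded inline as a data: URL). The sample dist directory it creates is constructed for illustration; in practice you would point it at the dist directory the nginx root above serves.

```python
"""Scan a built front-end bundle for source-map leaks (added example, not code
from the original post). The sample dist directory is constructed in a temp
folder; the real target would be the dist directory the nginx root points at."""
import os
import re
import tempfile

# //# sourceMappingURL=app.js.map   or   /*# sourceMappingURL=app.css.map */
_MAP_COMMENT = re.compile(r"^\s*(?://|/\*)\s*[#@]\s*sourceMappingURL=(\S+)")


def find_source_map_leaks(dist_dir: str) -> list:
    """Return sorted findings: shipped .map files and sourceMappingURL directives."""
    findings = []
    for root, _dirs, files in os.walk(dist_dir):
        for name in files:
            path = os.path.join(root, name)
            rel = os.path.relpath(path, dist_dir).replace(os.sep, "/")
            if name.endswith(".map"):
                findings.append(f"map file shipped: {rel}")
                continue
            if not name.endswith((".js", ".css")):
                continue
            with open(path, encoding="utf-8", errors="replace") as fh:
                for line in fh.read().splitlines():
                    m = _MAP_COMMENT.match(line)
                    if not m:
                        continue
                    target = m.group(1).rstrip("*/ ")
                    kind = "inline data: map" if target.startswith("data:") else f"reference to {target}"
                    findings.append(f"sourceMappingURL in {rel}: {kind}")
    return sorted(findings)


def make_sample_dist() -> str:
    """Construct a throwaway dist: one bundle that leaks a map, one clean bundle."""
    d = tempfile.mkdtemp(prefix="dist-")
    js = os.path.join(d, "js")
    os.makedirs(js)
    with open(os.path.join(js, "app.js"), "w", encoding="utf-8") as fh:
        fh.write("console.log('hi');\n//# sourceMappingURL=app.js.map\n")
    with open(os.path.join(js, "app.js.map"), "w", encoding="utf-8") as fh:
        fh.write('{"version":3,"sources":["src/App.vue"],"mappings":""}')
    with open(os.path.join(js, "vendor.js"), "w", encoding="utf-8") as fh:
        fh.write("!function(){}();\n")   # no map, no directive
    return d


if __name__ == "__main__":
    for finding in find_source_map_leaks(make_sample_dist()) or ["no source maps found"]:
        print(finding)
```

Run it against the real dist directory after setting productionSourceMap: false; an empty result is the expected outcome. Checking for the directive as well as the file matters because a .map that was deleted by hand still leaves the comment, which tells a scanner where to look.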
Host header injection vulnerability
Harm
The Host header is the Host field of the HTTP request header. When developing a web application, developers may use this value directly in the application context as a convenient way to obtain the site's domain name. If an attacker can control this value and the web server does not validate the Host header, some attack scenarios can lead to leakage of user information, XSS and so on.
Fix
Configure an interception policy in the nginx server block so that only specific Host values can access the site
set $flag 0;
if ( $host = "192.168.1.249" ) {
    set $flag 1;
}
if ( $flag = 0 ) {
    return 403;
}
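The nginx rule above stops forged Host values at the edge; the application-side counterpart, for the situation the text describes where the app itself builds absolute URLs from the Host header, is shown below. This is an added example, not code from the original post: the only value taken from the post is the allowed host 192.168.1.249, and the request dicts and paths are constructed sample data.

```python
"""Host-header allowlist in application code (added example, not code from the
original post). Mirrors the post's nginx rule, which only admits
Host = 192.168.1.249, at the application layer."""
import re
from typing import Optional

# Canonical hosts this site is served on (the value from the post's nginx rule)
ALLOWED_HOSTS = {"192.168.1.249"}

# host[:port], where host is a DNS name / IPv4 address or a bracketed IPv6 literal
_HOST_RE = re.compile(
    r"^(?P<host>[A-Za-z0-9.-]+|\[[0-9A-Fa-f:.]+\])(?::(?P<port>\d{1,5}))?$"
)


def normalize_host(value: str) -> Optional[str]:
    """Lowercased host part of a Host header value without the port,
    or None if the value is not syntactically host[:port]."""
    m = _HOST_RE.match(value.strip()) if value else None
    return m.group("host").lower() if m else None


def build_absolute_url_unsafe(headers: dict, path: str, scheme: str = "https") -> str:
    """Vulnerable pattern: whatever the client sent as Host ends up in the link."""
    return f"{scheme}://{headers.get('Host', '')}{path}"


def resolve_request_host(headers: dict, allowed: set = ALLOWED_HOSTS) -> str:
    """Hardened: accept the Host header only if it is on the allowlist
    (port ignored, as nginx's $host does); otherwise reject the request."""
    host = normalize_host(headers.get("Host", ""))
    if host is None or host not in allowed:
        raise ValueError("untrusted Host header: %r" % headers.get("Host"))
    return host


def build_absolute_url(headers: dict, path: str, scheme: str = "https") -> str:
    """Build an absolute URL from a validated host only."""
    return f"{scheme}://{resolve_request_host(headers)}{path}"


if __name__ == "__main__":
    good = {"Host": "192.168.1.249:8071"}
    forged = {"Host": "untrusted.example"}   # constructed, client-controlled value
    print(build_absolute_url(good, "/reset?token=abc"))
    print(build_absolute_url_unsafe(forged, "/reset?token=abc"))  # link now points off-site
    try:
        build_absolute_url(forged, "/reset?token=abc")
    except ValueError as exc:
        print("rejected:", exc)
```

Keeping the allowlist in the application as well as in nginx means a later change of reverse proxy, or a second vhost added without the $host rule, does not silently reopen the issue.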
HTTP response header Server leaks framework information
Harm
HTTP header information disclosure usually reveals the site's framework, programming language, web container and similar details.
Attackers can use such sensitive information to launch further attacks on the website or server.
Fix
Add the following to the nginx http block
server_tokens off;
Response header vulnerability
Harm
The web server's HTTP response is missing the {{ detail.header_name }} header, which disables security features provided by the browser and makes the site more vulnerable to front-end attacks.
Fix
Add to the server block
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection 1;
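A local way to confirm all three header fixes on this page at once (the CORS change, server_tokens off, and the security headers just added), added here as an example and not part of the original post: parse a captured HTTP response and report the same findings the scanner did. The two raw responses are constructed to mirror the before and after nginx configurations; the nginx version number and the probe origin are made-up values.

```python
"""Response-header audit (added example, not code from the original post).
Checks a captured HTTP response for the three header problems the scanner
reported: a CORS policy that reflects an arbitrary Origin (worse when
credentials are allowed), a Server header that reveals the nginx version, and
missing X-Frame-Options / X-Content-Type-Options / X-XSS-Protection."""
import re

SECURITY_HEADERS = ("x-frame-options", "x-content-type-options", "x-xss-protection")


def parse_response_headers(raw: str) -> dict:
    """Header block of a raw HTTP response -> dict with lowercased names.
    Repeated headers are joined with ', '."""
    headers = {}
    for line in raw.splitlines()[1:]:      # skip the status line
        if not line.strip():
            break                          # blank line ends the header block
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        headers[name] = f"{headers[name]}, {value}" if name in headers else value
    return headers


def audit_headers(headers: dict, sent_origin: str) -> list:
    """Return findings for the parsed headers; an empty list means all three
    checks pass. sent_origin is the arbitrary Origin the probe request carried."""
    findings = []
    acao = headers.get("access-control-allow-origin")
    creds = headers.get("access-control-allow-credentials", "").lower() == "true"
    if acao == "*" or (acao and acao.lower() == sent_origin.lower()):
        findings.append("CORS: arbitrary origin %r is allowed%s"
                        % (sent_origin, " with credentials" if creds else ""))
    server = headers.get("server", "")
    if re.search(r"/\d", server):          # e.g. nginx/1.20.1 means server_tokens is on
        findings.append(f"Server header reveals version: {server!r}")
    for name in SECURITY_HEADERS:
        if name not in headers:
            findings.append(f"missing security header: {name}")
    return findings


def audit_raw_response(raw: str, sent_origin: str) -> list:
    return audit_headers(parse_response_headers(raw), sent_origin)


PROBE_ORIGIN = "https://other-site.example"   # constructed probe value

# Constructed: what the original config returns when the request carries that Origin
BEFORE_RESPONSE = "\r\n".join([
    "HTTP/1.1 200 OK",
    "Server: nginx/1.20.1",
    "Content-Type: text/html",
    f"Access-Control-Allow-Origin: {PROBE_ORIGIN}",
    "Access-Control-Allow-Credentials: true",
    "Access-Control-Allow-Methods: GET, POST, OPTIONS",
    "",
    "<!doctype html><title>app</title>",
])

# Constructed: the same request after the fixes on this page
AFTER_RESPONSE = "\r\n".join([
    "HTTP/1.1 200 OK",
    "Server: nginx",
    "Content-Type: text/html",
    "X-Frame-Options: DENY",
    "X-Content-Type-Options: nosniff",
    "X-XSS-Protection: 1",
    "",
    "<!doctype html><title>app</title>",
])

if __name__ == "__main__":
    for label, raw in (("before", BEFORE_RESPONSE), ("after", AFTER_RESPONSE)):
        print(label, audit_raw_response(raw, PROBE_ORIGIN) or ["no findings"])
```

Feed it the raw output of a request made with an Origin header you chose yourself; a policy that echoes that value back is the reflection the scanner rated medium, and it is the combination with Access-Control-Allow-Credentials: true that lets a cross-origin page read authenticated responses.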