December 2017
Beginner
624 pages
15h 38m
Korean
Content preview from Head First Python, 개정판 : 스스로 질문하며 답을 찾는 파이썬 학습서(Python 3)
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
지금 여기예요
4
459
예외 처리
우리 웹앱은 웹 공격에 안전한가요?
SQL
인젝션(
SQLi
)과 크로스 사이트 스크립팅(
XSS
)은 많은 웹 개발자를
공포에 떨게 만드는 말입니다.
SQL
인젝션은 백엔드 데이터베이스를 노린
공격이고 크로스 사이트 스크립팅은 웹사이트를 노린 공격입니다. 다른 종류의
웹 공격도 많지만 이
‘
두 가지가 자주 일어나는
’
공격입니다.
2
웹 공격은 정말 괴로운 일이에요
백엔드 데이터베이스 문제 말고도 웹앱에 악의적인 일을 시도하는 공격도 생각해야 합니다.
다음과 같은 두 번째 문제가 발생하죠.
우리 웹앱에 웹 공격을 흉내 내서 어떤 일이 일어나는지 확인합시다. 아래 화면에서 볼 수
있는 것처럼 두 가지 공격을 시도했는데 별문제 없었습니다.
웹 인터페이스에 SQL 인젝션을 시도하면
아무 일도 일어나지 않습니다. 예상했던
‘
search4letters
’
실행 결과가 나타날
뿐이죠.
자바스크립트를 웹앱에 삽입해서 XSS를 시도했지만
아무 일도 일어나지 않았습니다.
다행히 자바스크립트가 실행되지 않았어요. 자바스크립트를
웹앱으로 전송된 텍스트 데이터로 취급했네요.
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.