Search This Blog

2018/02/14

ModuleNotFoundError: No module named 'requests'

When 'import request' happened to ModuleNotFoundError.

Python2:
pip install requests

Python3:
python3.6 -m pip install requests

Same as ModuleNotFoundError for BeautifulSoup4
python3.6 -m pip install BeautifulSoup4
By No comments :
标签:

Install python3.6 in centos

yum search python36
yum install -y python36u python36u-libs python36u-devel python36u-pip

python3.6 -V
By No comments :
标签: ,

Remove duplicate value from array

function unique(list) {
  var result = [];
  $.each(list, function(i, e) {
    if ($.inArray(e, result) == -1) result.push(e);
  });
  return result;
}
By No comments :
标签: ,

2018/02/03

How to do Cross Site Scripting Test

Set parameter value includes: "'<>()
  • "'><script>alert('XSS');</script>
Solution
  • Check every parameter.
  • Don't output parameter value in the page directly.
Example
randinblogger.blogspot.com/?m="'><script>alert('XSS');</script>

IE/Edge only show # because XSS filter(X-XSS-Protection)
By No comments :
标签: , ,

IE/Edge only show # because XSS filter(X-XSS-Protection)

If a cross-site scripting attack is detected, the IE will sanitize the page and only show a "#" as default header.

X-XSS-Protection: 0

Disables XSS filtering.

X-XSS-Protection: 1

Enables XSS filtering(usually default in browsers), sanitize the page.

X-XSS-Protection: 1; mode=block

Enables XSS filtering, prevent rendering of the page if an attack is detected.

X-XSS-Protection: 1; report=<reporting-uri>

Enables XSS filtering, sanitize the page and report the violation. This uses the functionality of the CSP report-uri directive to send a report.

In PHP

header("X-XSS-Protection: 1; mode=block");

By .htaccess

<IfModule mod_headers.c>
  Header set X-XSS-Protection "1; mode=block"
</IfModule>

Controlling the XSS Filter(Microsoft)
X-XSS-Protection(MDN)
By No comments :
标签: , ,
Subscribe to: Posts ( Atom )