Notice
Recent Posts
Recent Comments
Link
| ์ผ | ์ | ํ | ์ | ๋ชฉ | ๊ธ | ํ |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | ||||
| 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| 11 | 12 | 13 | 14 | 15 | 16 | 17 |
| 18 | 19 | 20 | 21 | 22 | 23 | 24 |
| 25 | 26 | 27 | 28 | 29 | 30 | 31 |
Tags
- ๋์ปค
- Ajax
- MySQL
- ๋์
- ์ปจํธ๋กค๋ฌ
- ํจ์
- ๋์ ํ ์ด๋ธ
- JS
- ๋ช ๋ น์ด
- ํ ์ด๋ธ
- optionํ๊ทธ
- DATE_FORMAT
- ํ๋ก๊ทธ๋๋จธ์ค
- ๋ฐฐ์ด
- JavaScript
- oracle
- SQL
- post๋ฐฉ์
- ๋ณ์
- Spring
- ๋ฆฌ๋ ์ค
- like
- Update
- ์ธ๋ผ์ธ๋ทฐ
- ์ฝํ
- order by
- select
- ์๋ฐ์คํฌ๋ฆฝํธ
- ๋ฐฑํฑ
- JSP
Archives
- Today
- Total
bom's happy life
[JSP] ๋ฐ์ดํฐ ์์ ํ๊ฒ ์ถ๋ ฅํ๊ธฐ - excapeXml ํจ์, <c:out>ํ๊ทธ ์ฌ์ฉ ๋ณธ๋ฌธ
Deveolpment Study๐๏ธ/JSP
[JSP] ๋ฐ์ดํฐ ์์ ํ๊ฒ ์ถ๋ ฅํ๊ธฐ - excapeXml ํจ์, <c:out>ํ๊ทธ ์ฌ์ฉ
bompeach 2023. 10. 11. 13:33XSS๊ณต๊ฒฉ์ผ๋ก๋ถํฐ ์์ ํ๊ฒ ๋ฐ์ดํฐ ์ถ๋ ฅํ๊ธฐ
1. ${fn:escapeXml()} ํจ์ ์ฌ์ฉํ์ฌ ๋ฐ์ดํฐ ์์ ํ๊ฒ ์ถ๋ ฅํ๊ธฐ, XSS๊ณต๊ฒฉ์ผ๋ก๋ถํฐ ์์ ํ๊ฒ ์ ์ง๋๋ค.
</p>
<c:if test="${!empty resultInfo}">
<p class="p_title">${fn:escapeXml(resultInfo.title)}</p>
<p class="p_txt">${fn:escapeXml(resultInfo.content)}</p>
</c:if><td colspan="2" class="cont_area">
<textarea class="w98p" id="content" name="content" title="๋ด์ฉ">${fn:escapeXml(board.content)}</textarea>
</td>
2. <c:out> ํ๊ทธ๋ฅผ ์ฌ์ฉํ์ฌ ์์ ํ๊ฒ ์ถ๋ ฅํ๊ธฐ , XSS๊ณต๊ฒฉ์ผ๋ก๋ถํฐ ์์ ํ๊ฒ ์ ์ง๋๋ค.
</p>
<c:if test="${!empty resultInfo}">
<p class="p_title"><c:out value="${resultInfo.title}" /></p>
<p class="p_txt"><c:out value="${resultInfo.content}" /></p>
</c:if><td colspan="2" class="cont_area">
<textarea class="w98p" id="content" name="content" title="๋ด์ฉ"><c:out value="${board.content}" /></textarea>
</td>
'Deveolpment Study๐๏ธ > JSP' ์นดํ ๊ณ ๋ฆฌ์ ๋ค๋ฅธ ๊ธ
| [JSP] ํ ์ด๋ธ์ index ์ค์ ํด์ฃผ๊ธฐ (0) | 2023.11.03 |
|---|---|
| [JSP] <c:url> ์ด๋? (1) | 2023.10.17 |
| [JSP] <c:out> ์ ์ฌ์ฉํ๋ ์ด์ ? (0) | 2023.10.11 |
| [JSP] JSPํ๊ทธ์์ ์ผ์ค ์ค์ฒฉ ๋ฐ์ดํ๋ฅผ ์ฌ๋ฐ๋ฅด๊ฒ ์ด์ค์ผ์ดํํ๋ ๋ฐฉ๋ฒ (0) | 2023.10.11 |
| [JSP] ๋ณ์ ์ฌ์ฉํ๊ธฐ (0) | 2023.06.26 |