锘??xml version="1.0" encoding="utf-8" standalone="yes"?>体彩幸运赛车直播视频:BlogJava - ▼幸运赛车规则▼幸运赛车投注▼幸运赛车开奖结果查询▼湖南幸运赛车开奖奖金▼幸运赛车走势▼//www.cqk4s.cn/hello-yun/蹇箰鎴愰暱zh-cnMon, 20 May 2019 19:32:59 GMTMon, 20 May 2019 19:32:59 GMT60鏀跺綍锛氫竴涓ц兘杈冨ソ鐨刯vm鍙傛暟閰嶇疆浠ュ強jvm鐨勭畝浠?/title><link>//www.cqk4s.cn/hello-yun/archive/2015/07/19/426314.html</link><dc:creator>浜戜簯</dc:creator><author>浜戜簯</author><pubDate>Sun, 19 Jul 2015 14:57:00 GMT</pubDate><guid>//www.cqk4s.cn/hello-yun/archive/2015/07/19/426314.html</guid><wfw:comment>//www.cqk4s.cn/hello-yun/comments/426314.html</wfw:comment><comments>//www.cqk4s.cn/hello-yun/archive/2015/07/19/426314.html#Feedback</comments><slash:comments>0</slash:comments><wfw:commentRss>//www.cqk4s.cn/hello-yun/comments/commentRss/426314.html</wfw:commentRss><trackback:ping>//www.cqk4s.cn/hello-yun/services/trackbacks/426314.html</trackback:ping><description><![CDATA[杞嚜锛//blog.csdn.net/jeffreynicole/article/details/46953059 <br /><br /><br /><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">涓涓ц兘杈冨ソ鐨剋eb鏈嶅姟鍣╦vm鍙傛暟閰嶇疆锛?/p><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"><br /></p><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"></p><div bg_plain"="" style="width: 938.515625px; overflow: hidden; border-color: #cccccc; color: #555555; line-height: 35px;"><div class="vpdh"><div class="vpdh"><strong class="vpdh">[plain]</strong> <a title="view plain" style="padding: 1px; color: #0c89cf; display: inline-block; width: 16px; height: 16px; text-indent: -2000px; background-image: url(//static.blog.csdn.net/scripts/SyntaxHighlighter/styles/images/default/ico_plain.gif); background-position: 0% 0%; background-repeat: no-repeat;">view plain</a><a title="copy" style="padding: 1px; color: #0c89cf; display: inline-block; width: 16px; height: 16px; text-indent: -2000px; background-image: url(//static.blog.csdn.net/scripts/SyntaxHighlighter/styles/images/default/ico_copy.gif); background-position: 0% 0%; background-repeat: no-repeat;">copy</a><div style="position: absolute; left: 472px; top: 696px; width: 18px; height: 18px; z-index: 99;"></div></div></div><ol start="1"><li style="line-height: 18px;">-server //鏈嶅姟鍣ㄦā寮?nbsp; </li><li style="line-height: 18px;">-Xmx2g //JVM鏈澶у厑璁稿垎閰嶇殑鍫嗗唴瀛橈紝鎸夐渶鍒嗛厤  </li><li style="line-height: 18px;">-Xms2g //JVM鍒濆鍒嗛厤鐨勫爢鍐呭瓨锛屼竴鑸拰Xmx閰嶇疆鎴愪竴鏍蜂互閬垮厤姣忔gc鍚嶫VM閲嶆柊鍒嗛厤鍐呭瓨銆?nbsp; </li><li style="line-height: 18px;">-Xmn256m //骞磋交浠e唴瀛樺ぇ灏忥紝鏁翠釜JVM鍐呭瓨=骞磋交浠?nbsp;+ 骞磋佷唬 + 鎸佷箙浠?nbsp; </li><li style="line-height: 18px;">-XX:PermSize=128m //鎸佷箙浠e唴瀛樺ぇ灏?nbsp; </li><li style="line-height: 18px;">-Xss256k //璁剧疆姣忎釜绾跨▼鐨勫爢鏍堝ぇ灏?nbsp; </li><li style="line-height: 18px;">-XX:+DisableExplicitGC //蹇界暐鎵嬪姩璋冪敤GC, System.gc()鐨勮皟鐢ㄥ氨浼氬彉鎴愪竴涓┖璋冪敤锛屽畬鍏ㄤ笉瑙﹀彂GC  </li><li style="line-height: 18px;">-XX:+UseConcMarkSweepGC //骞跺彂鏍囪娓呴櫎锛圕MS锛夋敹闆嗗櫒  </li><li style="line-height: 18px;">-XX:+CMSParallelRemarkEnabled //闄嶄綆鏍囪鍋滈】  </li><li style="line-height: 18px;">-XX:+UseCMSCompactAtFullCollection //鍦‵ULL GC鐨勬椂鍊欏骞磋佷唬鐨勫帇缂?nbsp; </li><li style="line-height: 18px;">-XX:LargePageSizeInBytes=128m //鍐呭瓨椤电殑澶у皬  </li><li style="line-height: 18px;">-XX:+UseFastAccessorMethods //鍘熷绫诲瀷鐨勫揩閫熶紭鍖?nbsp; </li><li style="line-height: 18px;">-XX:+UseCMSInitiatingOccupancyOnly //浣跨敤鎵嬪姩瀹氫箟鍒濆鍖栧畾涔夊紑濮婥MS鏀堕泦  </li><li style="line-height: 18px;">-XX:CMSInitiatingOccupancyFraction=70 //浣跨敤cms浣滀负鍨冨溇鍥炴敹浣跨敤70锛呭悗寮濮婥MS鏀堕泦  </li></ol></div><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"></p><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">璇存槑锛?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">-Xmn鍜?Xmx涔嬫瘮澶ф鏄?:9锛屽鏋滄妸鏂扮敓浠e唴瀛樿缃緱澶ぇ浼氬鑷磞oung gc鏃堕棿杈冮暱</p><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">涓涓ソ鐨刉eb绯荤粺搴旇鏄瘡娆ttp璇锋眰鐢宠鍐呭瓨閮借兘鍦▂oung gc鍥炴敹鎺夛紝full gc姘镐笉鍙戠敓锛屽綋鐒惰繖鏄渶鐞嗘兂鐨勬儏鍐?/p><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">xmn鐨勫煎簲璇ユ槸淇濊瘉澶熺敤锛堝http骞跺彂璇锋眰涔嬬敤锛夌殑鍓嶆彁涓嬭缃緱灏介噺灏?/p><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">web鏈嶅姟鍣ㄥ拰娓告垙鏈嶅姟鍣ㄧ殑閰嶇疆鎬濊矾涓嶅お涓鏍凤紝鏈閲嶈鐨勫尯鍒槸瀵规父鎴忔湇鍔″櫒鐨剎mn鍗冲勾杞讳唬璁剧疆姣旇緝澶э紝鍜孹mx澶ф1:3鐨勫叧绯伙紝鍥犱负娓告垙鏈嶅姟鍣ㄤ竴鑸槸闀胯繛鎺ワ紝鍦ㄤ繚鎸佷竴瀹氱殑骞跺彂閲忓悗闇瑕佽緝澶х殑骞磋交浠e爢鍐呭瓨锛屽鏋滆缃緱澶у皬浜嗕細缁忓父寮曞彂young gc</p><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"><br /></p><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"></p><ul style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"><li class="vpdh">瀵笿VM鐨勭畝浠?/li></ul><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"></p><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"><img src="//img.blog.csdn.net/20150719105526584?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQv/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center" alt="" style="border: none; max-width: 602px; height: auto;" /><br /></p><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鐢变笂鍥惧彲浠ョ湅鍑簀vm鍫嗗唴瀛樼殑鍒嗙被鎯呭喌锛孞VM鍐呭瓨琚垎鎴愬涓嫭绔嬬殑閮ㄥ垎銆?br />骞挎硾鍦拌锛孞VM鍫嗗唴瀛樿鍒嗕负涓ら儴鍒?#8212;—骞磋交浠o紙Young Generation锛夊拰鑰佸勾浠o紙Old Generation锛夈?br /><br /><br /></p><ul style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"><li class="vpdh"><strong class="vpdh">骞磋交浠?/strong></li></ul><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">骞磋交浠f槸鎵鏈夋柊瀵硅薄浜х敓鐨勫湴鏂广傚綋骞磋交浠e唴瀛樼┖闂磋鐢ㄥ畬鏃讹紝灏变細瑙﹀彂鍨冨溇鍥炴敹銆傝繖涓瀮鍦惧洖鏀跺彨鍋歁inor GC銆傚勾杞讳唬琚垎涓?涓儴鍒?#8212;—Enden鍖哄拰涓や釜Survivor鍖恒?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><strong style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">骞磋交浠g┖闂寸殑瑕佺偣锛?/strong><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">澶у鏁版柊寤虹殑瀵硅薄閮戒綅浜嶦den鍖恒?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">褰揈den鍖鸿瀵硅薄濉弧鏃讹紝灏变細鎵цMinor GC銆傚苟鎶婃墍鏈夊瓨娲讳笅鏉ョ殑瀵硅薄杞Щ鍒板叾涓竴涓猻urvivor鍖恒?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">Minor GC鍚屾牱浼氭鏌ュ瓨娲讳笅鏉ョ殑瀵硅薄锛屽苟鎶婂畠浠浆绉诲埌鍙︿竴涓猻urvivor鍖恒傝繖鏍峰湪涓娈垫椂闂村唴锛屾讳細鏈変竴涓┖鐨剆urvivor鍖恒?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">缁忚繃澶氭GC鍛ㄦ湡鍚庯紝浠嶇劧瀛樻椿涓嬫潵鐨勫璞′細琚浆绉诲埌骞磋佷唬鍐呭瓨绌洪棿銆傞氬父杩欐槸鍦ㄥ勾杞讳唬鏈夎祫鏍兼彁鍗囧埌骞磋佷唬鍓嶉氳繃璁惧畾骞撮緞闃堝兼潵瀹屾垚鐨勩?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><strong style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"><br /></strong><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"></p><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"></p><ul style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"><li class="vpdh"><strong class="vpdh">骞磋佷唬</strong></li></ul><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">骞磋佷唬鍐呭瓨閲屽寘鍚簡闀挎湡瀛樻椿鐨勫璞″拰缁忚繃澶氭Minor GC鍚庝緷鐒跺瓨娲讳笅鏉ョ殑瀵硅薄銆傞氬父浼氬湪鑰佸勾浠e唴瀛樿鍗犳弧鏃惰繘琛屽瀮鍦惧洖鏀躲傝佸勾浠g殑鍨冨溇鏀堕泦鍙仛Major GC銆侻ajor GC浼氳姳璐规洿澶氱殑鏃堕棿銆?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><strong style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">Stop the World浜嬩欢</strong><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鎵鏈夌殑鍨冨溇鏀堕泦閮芥槸“Stop the World”浜嬩欢锛屽洜涓烘墍鏈夌殑搴旂敤绾跨▼閮戒細鍋滀笅鏉ョ洿鍒版搷浣滃畬鎴愶紙鎵浠ュ彨“Stop the World”锛夈?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鍥犱负骞磋交浠i噷鐨勫璞¢兘鏄竴浜涗复鏃讹紙short-lived 锛夊璞★紝鎵цMinor GC闈炲父蹇紝鎵浠ュ簲鐢ㄤ笉浼氬彈鍒帮紙“Stop the World”锛夊奖鍝嶃?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鐢变簬Major GC浼氭鏌ユ墍鏈夊瓨娲荤殑瀵硅薄锛屽洜姝や細鑺辫垂鏇撮暱鐨勬椂闂淬傚簲璇ュ敖閲忓噺灏慚ajor GC銆傚洜涓篗ajor GC浼氬湪鍨冨溇鍥炴敹鏈熼棿璁╀綘鐨勫簲鐢ㄥ弽搴旇繜閽濓紝鎵浠ュ鏋滀綘鏈変竴涓渶瑕佸揩閫熷搷搴旂殑搴旂敤鍙戠敓澶氭Major GC锛屼綘浼氱湅鍒拌秴鏃堕敊璇?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鍨冨溇鍥炴敹鏃堕棿鍙栧喅浜庡瀮鍦惧洖鏀剁瓥鐣ャ傝繖灏辨槸涓轰粈涔堟湁蹇呰鍘荤洃鎺у瀮鍦炬敹闆嗗拰瀵瑰瀮鍦炬敹闆嗚繘琛岃皟浼樸備粠鑰岄伩鍏嶈姹傚揩閫熷搷搴旂殑搴旂敤鍑虹幇瓒呮椂閿欒銆?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><ul style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"><li class="vpdh"><strong class="vpdh">姘镐箙浠?/strong></li></ul><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">姘镐箙浠f垨鑰?#8220;Perm Gen”鍖呭惈浜咼VM闇瑕佺殑搴旂敤鍏冩暟鎹紝杩欎簺鍏冩暟鎹弿杩颁簡鍦ㄥ簲鐢ㄩ噷浣跨敤鐨勭被鍜屾柟娉曘傛敞鎰忥紝姘镐箙浠d笉鏄疛ava鍫嗗唴瀛樼殑涓閮ㄥ垎銆?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">姘镐箙浠e瓨鏀綣VM杩愯鏃朵娇鐢ㄧ殑绫汇傛案涔呬唬鍚屾牱鍖呭惈浜咼ava SE搴撶殑绫诲拰鏂规硶銆傛案涔呬唬鐨勫璞″湪full GC鏃惰繘琛屽瀮鍦炬敹闆嗐?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><strong style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鏂规硶鍖?/strong><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鏂规硶鍖烘槸姘镐箙浠g┖闂寸殑涓閮ㄥ垎锛屽苟鐢ㄦ潵瀛樺偍绫诲瀷淇℃伅锛堣繍琛屾椂甯搁噺鍜岄潤鎬佸彉閲忥級鍜屾柟娉曚唬鐮佸拰鏋勯犲嚱鏁颁唬鐮併?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><strong style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鍐呭瓨姹?/strong><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">濡傛灉JVM瀹炵幇鏀寔锛孞VM鍐呭瓨绠$悊浼氫负鍒涘缓鍐呭瓨姹狅紝鐢ㄦ潵涓轰笉鍙樺璞″垱寤哄璞℃睜銆傚瓧绗︿覆姹犲氨鏄唴瀛樻睜绫诲瀷鐨勪竴涓緢濂界殑渚嬪瓙銆傚唴瀛樻睜鍙互灞炰簬鍫嗘垨鑰呮案涔呬唬锛岃繖鍙栧喅浜嶫VM鍐呭瓨绠$悊鐨勫疄鐜般?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><strong style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">杩愯鏃跺父閲忔睜</strong><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">杩愯鏃跺父閲忔睜鏄瘡涓被甯搁噺姹犵殑杩愯鏃朵唬琛ㄣ傚畠鍖呭惈浜嗙被鐨勮繍琛屾椂甯搁噺鍜岄潤鎬佹柟娉曘傝繍琛屾椂甯搁噺姹犳槸鏂规硶鍖虹殑涓閮ㄥ垎銆?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><strong style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">Java鏍堝唴瀛?/strong><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">Java鏍堝唴瀛樼敤浜庤繍琛岀嚎绋嬨傚畠浠寘鍚簡鏂规硶閲岀殑涓存椂鏁版嵁銆佸爢閲屽叾瀹冨璞″紩鐢ㄧ殑鐗瑰畾鏁版嵁銆?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><strong style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">Java鍨冨溇鍥炴敹</strong><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">Java鍨冨溇鍥炴敹浼氭壘鍑烘病鐢ㄧ殑瀵硅薄锛屾妸瀹冧粠鍐呭瓨涓Щ闄ゅ苟閲婃斁鍑哄唴瀛樼粰浠ュ悗鍒涘缓鐨勫璞′娇鐢ㄣ侸ava绋嬪簭璇█涓殑涓涓渶澶т紭鐐规槸鑷姩鍨冨溇鍥炴敹锛屼笉鍍忓叾浠栫殑绋嬪簭璇█閭f牱闇瑕佹墜鍔ㄥ垎閰嶅拰閲婃斁鍐呭瓨锛屾瘮濡侰璇█銆?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鍨冨溇鏀堕泦鍣ㄦ槸涓涓悗鍙拌繍琛岀▼搴忋傚畠绠$悊鐫鍐呭瓨涓殑鎵鏈夊璞″苟鎵惧嚭娌¤寮曠敤鐨勫璞°傛墍鏈夌殑杩欎簺鏈紩鐢ㄧ殑瀵硅薄閮戒細琚垹闄わ紝鍥炴敹瀹冧滑鐨勭┖闂村苟鍒嗛厤缁欏叾浠栧璞°?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">涓涓熀鏈殑鍨冨溇鍥炴敹杩囩▼娑夊強涓変釜姝ラ锛?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鏍囪锛氳繖鏄涓姝ャ傚湪杩欎竴姝ワ紝鍨冨溇鏀堕泦鍣ㄤ細鎵惧嚭鍝簺瀵硅薄姝e湪浣跨敤鍜屽摢浜涘璞′笉鍦ㄤ娇鐢ㄣ?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">姝e父娓呴櫎锛氬瀮鍦炬敹闆嗗櫒娓呬細闄や笉鍦ㄤ娇鐢ㄧ殑瀵硅薄锛屽洖鏀跺畠浠殑绌洪棿鍒嗛厤缁欏叾浠栧璞°?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鍘嬬缉娓呴櫎锛氫负浜嗘彁鍗囨ц兘锛屽帇缂╂竻闄や細鍦ㄥ垹闄ゆ病鐢ㄧ殑瀵硅薄鍚庯紝鎶婃墍鏈夊瓨娲荤殑瀵硅薄绉诲埌涓璧枫傝繖鏍峰彲浠ユ彁楂樺垎閰嶆柊瀵硅薄鐨勬晥鐜囥?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">绠鍗曟爣璁板拰娓呴櫎鏂规硶瀛樺湪涓や釜闂锛?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">鏁堢巼寰堜綆銆傚洜涓哄ぇ澶氭暟鏂板缓瀵硅薄閮戒細鎴愪负“娌$敤瀵硅薄”銆?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">缁忚繃澶氭鍨冨溇鍥炴敹鍛ㄦ湡鐨勫璞″緢鏈夊彲鑳藉湪浠ュ悗鐨勫懆鏈熶篃浼氬瓨娲讳笅鏉ャ?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">涓婇潰绠鍗曟竻闄ゆ柟娉曠殑闂鍦ㄤ簬Java鍨冨溇鏀堕泦鐨勫垎浠e洖鏀剁殑锛岃屼笖鍦ㄥ爢鍐呭瓨閲屾湁骞磋交浠e拰骞磋佷唬涓や釜鍖哄煙銆?/span><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><br style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;" /><ul style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"><li class="vpdh"><strong class="vpdh">Java鍨冨溇鍥炴敹绫诲瀷</strong></li></ul><span style="color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">杩欓噷鏈変簲绉嶅彲浠ュ湪搴旂敤閲屼娇鐢ㄧ殑鍨冨溇鍥炴敹绫诲瀷銆?/span><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;"></p><p style="margin: 0px; padding: 0px; color: #555555; font-family: 'microsoft yahei'; font-size: 15px; line-height: 35px; background-color: #ffffff;">浠呴渶瑕佷娇鐢↗VM寮鍏冲氨鍙互鍦ㄦ垜浠殑搴旂敤閲屽惎鐢ㄥ瀮鍦惧洖鏀剁瓥鐣ャ?br /><br /><strong class="vpdh">Serial GC锛?XX:+UseSerialGC锛?/strong>锛歋erial GC浣跨敤绠鍗曠殑鏍囪銆佹竻闄ゃ佸帇缂╂柟娉曞骞磋交浠e拰骞磋佷唬杩涜鍨冨溇鍥炴敹锛屽嵆Minor GC鍜孧ajor GC銆係erial GC鍦╟lient妯″紡锛堝鎴风妯″紡锛夊緢鏈夌敤锛屾瘮濡傚湪绠鍗曠殑鐙珛搴旂敤鍜孋PU閰嶇疆杈冧綆鐨勬満鍣ㄣ傝繖涓ā寮忓鍗犳湁鍐呭瓨杈冨皯鐨勫簲鐢ㄥ緢绠$敤銆?br /><strong class="vpdh">Parallel GC锛?XX:+UseParallelGC锛?/strong>锛氶櫎浜嗕細浜х敓N涓嚎绋嬫潵杩涜骞磋交浠g殑鍨冨溇鏀堕泦澶栵紝Parallel GC鍜孲erial GC鍑犱箮涓鏍枫傝繖閲岀殑N鏄郴缁烠PU鐨勬牳鏁般傛垜浠彲浠ヤ娇鐢?-XX:ParallelGCThreads=n 杩欎釜JVM閫夐」鏉ユ帶鍒剁嚎绋嬫暟閲忋傚苟琛屽瀮鍦炬敹闆嗗櫒涔熷彨throughput鏀堕泦鍣ㄣ傚洜涓哄畠浣跨敤浜嗗CPU鍔犲揩鍨冨溇鍥炴敹鎬ц兘銆侾arallel GC鍦ㄨ繘琛屽勾鑰佷唬鍨冨溇鏀堕泦鏃朵娇鐢ㄥ崟绾跨▼銆?br /><strong class="vpdh">Parallel Old GC锛?XX:+UseParallelOldGC锛?/strong>锛氬拰Parallel GC涓鏍枫備笉鍚屼箣澶勶紝Parallel Old GC鍦ㄥ勾杞讳唬鍨冨溇鏀堕泦鍜屽勾鑰佷唬鍨冨溇鍥炴敹鏃堕兘浣跨敤澶氱嚎绋嬫敹闆嗐?br /><strong class="vpdh">骞跺彂鏍囪娓呴櫎锛圕MS锛夋敹闆嗗櫒锛?XX:+UseConcMarkSweepGC)</strong>锛欳MS鏀堕泦鍣ㄤ篃琚О涓虹煭鏆傚仠椤垮苟鍙戞敹闆嗗櫒銆傚畠鏄骞磋佷唬杩涜鍨冨溇鏀堕泦鐨勩侰MS鏀堕泦鍣ㄩ氳繃澶氱嚎绋嬪苟鍙戣繘琛屽瀮鍦惧洖鏀讹紝灏介噺鍑忓皯鍨冨溇鏀堕泦閫犳垚鐨勫仠椤裤侰MS鏀堕泦鍣ㄥ骞磋交浠h繘琛屽瀮鍦惧洖鏀朵娇鐢ㄧ殑绠楁硶鍜孭arallel鏀堕泦鍣ㄤ竴鏍枫傝繖涓瀮鍦炬敹闆嗗櫒閫傜敤浜庝笉鑳藉繊鍙楅暱鏃堕棿鍋滈】瑕佹眰蹇熷搷搴旂殑搴旂敤銆傚彲浣跨敤 -XX:ParallelCMSThreads=n JVM閫夐」鏉ラ檺鍒禖MS鏀堕泦鍣ㄧ殑绾跨▼鏁伴噺銆?br /><strong class="vpdh">G1鍨冨溇鏀堕泦鍣紙-XX:+UseG1GC) G1锛圙arbage First锛?/strong>锛氬瀮鍦炬敹闆嗗櫒鏄湪Java 7鍚庢墠鍙互浣跨敤鐨勭壒鎬э紝瀹冪殑闀胯繙鐩爣鏃朵唬鏇緾MS鏀堕泦鍣ㄣ侴1鏀堕泦鍣ㄦ槸涓涓苟琛岀殑銆佸苟鍙戠殑鍜屽閲忓紡鍘嬬缉鐭殏鍋滈】鐨勫瀮鍦炬敹闆嗗櫒銆侴1鏀堕泦鍣ㄥ拰鍏朵粬鐨勬敹闆嗗櫒杩愯鏂瑰紡涓嶄竴鏍凤紝涓嶅尯鍒嗗勾杞讳唬鍜屽勾鑰佷唬绌洪棿銆傚畠鎶婂爢绌洪棿鍒掑垎涓哄涓ぇ灏忕浉绛夌殑鍖哄煙銆傚綋杩涜鍨冨溇鏀堕泦鏃讹紝瀹冧細浼樺厛鏀堕泦瀛樻椿瀵硅薄杈冨皯鐨勫尯鍩燂紝鍥犳鍙?#8220;Garbage First”銆?/p><img src ="//www.cqk4s.cn/hello-yun/aggbug/426314.html" width = "1" height = "1" /><br><br><div align=right><a style="text-decoration:none;" href="//www.cqk4s.cn/hello-yun/" target="_blank">浜戜簯</a> 2015-07-19 22:57 <a href="//www.cqk4s.cn/hello-yun/archive/2015/07/19/426314.html#Feedback" target="_blank" style="text-decoration:none;">鍙戣〃璇勮</a></div>]]></description></item><item><title>linux 绯诲垪 - ▼幸运赛车规则▼幸运赛车投注▼幸运赛车开奖结果查询▼湖南幸运赛车开奖奖金▼幸运赛车走势▼//www.cqk4s.cn/hello-yun/archive/2014/09/28/418366.html浜戜簯浜戜簯Sun, 28 Sep 2014 15:45:00 GMT//www.cqk4s.cn/hello-yun/archive/2014/09/28/418366.html//www.cqk4s.cn/fancydeepin/archive/2014/09/28/linux.html

17锛巙buntu 闃茬伀澧?/a>
16锛巙buntu 寮鍚?ssh 鏈嶅姟
15锛巙buntu jdk 瀹夎涓庨厤缃?/a>
14锛巙buntu tomcat 瀹夎涓庨厤缃?/a>
13锛巙buntu mysql 瀹夎
12锛巙buntu root 鍜?user 鐢ㄦ埛鍒囨崲
11锛巐inux more 鍛戒护
10锛巐inux tar 鍛戒护
09锛巐inux chmod 鍛戒护
08锛巐inux touch 鍛戒护
07锛巐inux cat 鍛戒护
06锛巐inux mv 鍛戒护
05锛巐inux rm 鍛戒护
04锛巐inux cp 鍛戒护
03锛巐inux mkdir 鍛戒护
02锛巐inux cd 鍛戒护
01锛巐inux ls 鍛戒护

浜戜簯 2014-09-28 23:45 鍙戣〃璇勮
]]>
Java鍔ㄦ佷唬鐞嗘満鍒惰瑙o紙JDK 鍜孋GLIB锛孞avassist锛孉SM锛塠杞琞 - ▼幸运赛车规则▼幸运赛车投注▼幸运赛车开奖结果查询▼湖南幸运赛车开奖奖金▼幸运赛车走势▼//www.cqk4s.cn/hello-yun/archive/2014/09/28/418365.html浜戜簯浜戜簯Sun, 28 Sep 2014 15:44:00 GMT//www.cqk4s.cn/hello-yun/archive/2014/09/28/418365.html闃呰鍏ㄦ枃

浜戜簯 2014-09-28 23:44 鍙戣〃璇勮
]]>
鍚庡彴 xss 鎺у埗 - ▼幸运赛车规则▼幸运赛车投注▼幸运赛车开奖结果查询▼湖南幸运赛车开奖奖金▼幸运赛车走势▼//www.cqk4s.cn/hello-yun/archive/2014/09/28/418353.html浜戜簯浜戜簯Sun, 28 Sep 2014 05:49:00 GMT//www.cqk4s.cn/hello-yun/archive/2014/09/28/418353.html//www.cqk4s.cn/hello-yun/comments/418353.html//www.cqk4s.cn/hello-yun/archive/2014/09/28/418353.html#Feedback0//www.cqk4s.cn/hello-yun/comments/commentRss/418353.html//www.cqk4s.cn/hello-yun/services/trackbacks/418353.html 
package com.qiyi.appstore.util;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import org.apache.commons.beanutils.BeanUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.qiyi.appstore.exception.AppStoreException;
import com.qiyi.cloud.user.ApiCode;
public class XssUtils {
private static final Logger logger=LoggerFactory.getLogger(XssUtils.class);
public static String getSafeStringXSS(String s){
      if (StringUtils.isBlank(s)) {  
          return s;  
      }  
      StringBuilder sb = new StringBuilder(s.length() + 16);  
      for (int i = 0; i < s.length(); i++) {  
          char c = s.charAt(i);  
          switch (c) {  
          case '<':  
              sb.append("&lt;");  
              break; 
          case '>':  
              sb.append("&gt;");  
              break;  
          case '\'':  
              sb.append("&prime;");// &acute;");  
              break;  
          case '′':  
              sb.append("&prime;");// &acute;");  
              break;  
          case '\"':  
              sb.append("&quot;");  
              break;  
          case '锛?:  
              sb.append("&quot;");  
              break;  
          case '&':  
              sb.append("锛?);  
              break;  
          case '#':  
              sb.append("锛?);  
              break;  
          case '\\':  
              sb.append('锟?);  
              break; 
          case '=':  
              sb.append("=");  
              break;
          default:  
              sb.append(c);  
              break;  
          }  
      }  
      return sb.toString(); 
  }
public static <T> void getXssSaftBean(Class<?> clz,T bean) throws IllegalAccessException, InvocationTargetException, NoSuchMethodException{
String classname = clz.getSimpleName();
logger.info("map target class name is {} .",classname);
Field[] fields = clz.getDeclaredFields();
for(Field field : fields){
Class<?> type = field.getType();
if(type.equals(String.class)){
String fieldname = field.getName();
String value = BeanUtils.getProperty(bean, fieldname);
if(StringUtils.isNotBlank(value)){
BeanUtils.setProperty(bean, fieldname, getSafeStringXSS(value));
}
}
}
}
}


浜戜簯 2014-09-28 13:49 鍙戣〃璇勮
]]>
鎻愬崌tomcat 鎬ц兘 apr鎵╁睍lib - ▼幸运赛车规则▼幸运赛车投注▼幸运赛车开奖结果查询▼湖南幸运赛车开奖奖金▼幸运赛车走势▼//www.cqk4s.cn/hello-yun/archive/2014/01/16/409026.html浜戜簯浜戜簯Thu, 16 Jan 2014 06:50:00 GMT//www.cqk4s.cn/hello-yun/archive/2014/01/16/409026.html//www.cqk4s.cn/hello-yun/comments/409026.html//www.cqk4s.cn/hello-yun/archive/2014/01/16/409026.html#Feedback0//www.cqk4s.cn/hello-yun/comments/commentRss/409026.html//www.cqk4s.cn/hello-yun/services/trackbacks/409026.html鎻愬崌tomcat 鎬ц兘 apr鎵╁睍lib
浣跨敤apr绫诲簱 鍙互璁﹖omcat鐨勬ц兘鎻愬崌鍒?鍒?鍊? 
鐩墠椤圭洰涓兘浣跨敤杩欐牱鐨勯厤缃?br />
<Connector port="8080" protocol="org.apache.coyote.http11.Http11AprProtocol" URIEncoding="UTF-8"
               enableLookups="false"
               acceptCount="300"
               connectionTimeout="20000"
               disableUploadTimeout="true" maxThreads="1000" maxSpareThreads="50" minSpareThreads="25"
               redirectPort="8443" />


catalia.sh 
CATALINA_OPTS="$CATALINA_OPTS -Djava.library.path=/usr/local/apr/lib"


浜戜簯 2014-01-16 14:50 鍙戣〃璇勮
]]>
redis 璁剧疆鍒嗗竷寮忛攣 - ▼幸运赛车规则▼幸运赛车投注▼幸运赛车开奖结果查询▼湖南幸运赛车开奖奖金▼幸运赛车走势▼//www.cqk4s.cn/hello-yun/archive/2014/01/15/408988.html浜戜簯浜戜簯Wed, 15 Jan 2014 11:00:00 GMT//www.cqk4s.cn/hello-yun/archive/2014/01/15/408988.html//www.cqk4s.cn/hello-yun/comments/408988.html//www.cqk4s.cn/hello-yun/archive/2014/01/15/408988.html#Feedback1//www.cqk4s.cn/hello-yun/comments/commentRss/408988.html//www.cqk4s.cn/hello-yun/services/trackbacks/408988.html闃呰鍏ㄦ枃

浜戜簯 2014-01-15 19:00 鍙戣〃璇勮
]]>
Eclipse鑳屾櫙棰滆壊鍜屽瓧浣撻厤缃?/title><link>//www.cqk4s.cn/hello-yun/archive/2014/01/09/408739.html</link><dc:creator>浜戜簯</dc:creator><author>浜戜簯</author><pubDate>Thu, 09 Jan 2014 08:41:00 GMT</pubDate><guid>//www.cqk4s.cn/hello-yun/archive/2014/01/09/408739.html</guid><wfw:comment>//www.cqk4s.cn/hello-yun/comments/408739.html</wfw:comment><comments>//www.cqk4s.cn/hello-yun/archive/2014/01/09/408739.html#Feedback</comments><slash:comments>0</slash:comments><wfw:commentRss>//www.cqk4s.cn/hello-yun/comments/commentRss/408739.html</wfw:commentRss><trackback:ping>//www.cqk4s.cn/hello-yun/services/trackbacks/408739.html</trackback:ping><description><![CDATA[<div style="margin: 0px; color: #333333; font-family: 寰蒋闆呴粦, Verdana, sans-serif, 瀹嬩綋; font-size: 13px; line-height: 23px; background-color: #ffffff;">瀵筫clipse鐨勯粯璁ら厤缃緢涓嶇埥锛岄粦鑹插瓧浣撶櫧鑹插簳濂藉埡鐪硷紝鑰屼笖瀛椾綋涔犳儻鐢–ourier New</div><div style="margin: 0px; color: #333333; font-family: 寰蒋闆呴粦, Verdana, sans-serif, 瀹嬩綋; font-size: 13px; line-height: 23px; background-color: #ffffff;"></div><div style="margin: 0px; color: #333333; font-family: 寰蒋闆呴粦, Verdana, sans-serif, 瀹嬩綋; font-size: 13px; line-height: 23px; background-color: #ffffff;"><div style="margin: 0px;">鏀瑰彉鑳屾櫙棰滆壊锛?/div><div style="margin: 0px;">windows->Preferences->General->Editor->Text Editors</div><div style="margin: 0px;">鍙宠竟閫夋嫨Appearance color options </div><div style="margin: 0px;">閫塀ackground color 閫夋嫨鑳屾櫙棰滆壊</div><div style="margin: 0px;">涓汉姣旇緝鑸掓湇鐨勮眴娌欑豢鑹插拰榛戣壊鑳屾櫙锛屼絾榛戣壊鑳屾櫙杩樿鎶婂叾浠栫殑瀛椾綋棰滆壊涔熸敼浜嗘墠濂界湅锛岃屼笖璞嗘矙缁胯壊璺熼粯璁ょ殑瀛椾綋棰滆壊鎼厤鐨勫緢濂姐?/div><div style="margin: 0px;">璞嗘矙缁胯壊锛堣壊璋冿細85   楗卞拰搴︼細123   浜害锛?05 锛?/div><div style="margin: 0px;">鎹杩欎釜鑹茶皟鏄溂绉戜笓瀹堕厤鐨勶紝 鍥犲叾棰滆壊姣旇緝鏌斿拰锛屾嵁璇撮槄璇荤殑鏃跺欑敤杩欑棰滆壊鍋氳儗鏅湁鍒╀簬淇濇姢鐪肩潧锛?word搴曡壊灏辫澶氫汉璁剧疆鎴愯眴娌欑豢鑹层?/div><div style="margin: 0px;"></div><div style="margin: 0px;">xml鐨勫瓧浣撹皟鏁达細 </div><div style="margin: 0px;">window--preferences--General--appearance--colors and fonts--Basic-- "Text font "  </div><div style="margin: 0px;">鐒跺悗鐐筩hange,鍙互璁剧疆瀛椾綋锛屾垜鍠滄Courier New</div><div style="margin: 0px;"></div><div style="margin: 0px;">Java鐨勫瓧浣撹皟鏁达細 </div><div style="margin: 0px;">window--preferences--General--appearance--colors and fonts--java </div></div><img src ="//www.cqk4s.cn/hello-yun/aggbug/408739.html" width = "1" height = "1" /><br><br><div align=right><a style="text-decoration:none;" href="//www.cqk4s.cn/hello-yun/" target="_blank">浜戜簯</a> 2014-01-09 16:41 <a href="//www.cqk4s.cn/hello-yun/archive/2014/01/09/408739.html#Feedback" target="_blank" style="text-decoration:none;">鍙戣〃璇勮</a></div>]]></description></item><item><title>鍒犻櫎鏂囦欢鐨剆vn淇℃伅 瑙e喅浠庡叾瀹冭矾寰勬嫹杩囨潵鐨勬枃浠跺甫鏈夎矾寰勪俊鎭?鏃犳硶鎻愪氦鐨勯棶棰?/title><link>//www.cqk4s.cn/hello-yun/archive/2013/12/05/407259.html</link><dc:creator>浜戜簯</dc:creator><author>浜戜簯</author><pubDate>Thu, 05 Dec 2013 09:17:00 GMT</pubDate><guid>//www.cqk4s.cn/hello-yun/archive/2013/12/05/407259.html</guid><wfw:comment>//www.cqk4s.cn/hello-yun/comments/407259.html</wfw:comment><comments>//www.cqk4s.cn/hello-yun/archive/2013/12/05/407259.html#Feedback</comments><slash:comments>0</slash:comments><wfw:commentRss>//www.cqk4s.cn/hello-yun/comments/commentRss/407259.html</wfw:commentRss><trackback:ping>//www.cqk4s.cn/hello-yun/services/trackbacks/407259.html</trackback:ping><description><![CDATA[<p align="left">鏈夋椂鍊欏湪椤圭洰涓?浼氬彉鍖栬矾寰?鎶婂師鏈夎矾寰勭殑鏂囦欢鎷峰埌鏂扮殑璺緞涓嬮潰<br />鍐嶅垹闄ゅ師鏉ヤ笉鎯崇殑璺緞鍐嶆彁浜や竴娆?杩欐牱浠ユ潵 鍘熸潵鐨勮矾寰勭‘瀹炰笉瀛樺湪浜?br />浣嗘槸鎷疯繃鏉ョ殑鏂囦欢甯︽湁鍘熸潵璺緞鐨剆vn淇℃伅 杩欐牱浠ユ潵 鍦ㄦ彁浜ょ殑鏃跺?灏辨棤娉曟彁浜?br />鎯宠鏂囦欢鎸夌収鐨勮矾寰勬彁浜?浣嗗缁坰vn杩樻槸鍐嶅線浠ュ墠鐨勮矾寰勬彁浜?骞舵彁绀轰綘璺緞涓嶅瓨鍦?br />鍦ㄧ綉涓婃悳浜嗕笅 濡備綍鍒犻櫎鏂囦欢鑷甫鐨剆vn璺緞淇℃伅 <br />鎸夌収涓嬮潰鐨勬柟寮忔潵鎿嶄綔鍗冲彲</p> <p style="text-align: left; padding-bottom: 0px; text-transform: none; background-color: rgb(255,255,255); text-indent: 0px; margin: 0px 0px 10px; padding-left: 0px; padding-right: 0px; font: 16px/28px 'Hiragino Sans GB W3', 'Hiragino Sans GB', Arial, Helvetica, simsun, u5b8bu4f53; white-space: normal; letter-spacing: normal; color: rgb(13,13,13); word-spacing: 0px; padding-top: 0px; -webkit-text-stroke-width: 0px">Windows Registry Editor Version 5.00<br style="line-height: 28px" />[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shell\DeleteSVN]<span class="Apple-converted-space"> </span><br style="line-height: 28px" />@="鍒犻櫎璇ョ洰褰曚笅闈?svn鏂囦欢"<br style="line-height: 28px" />[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shell\DeleteSVN\command]<span class="Apple-converted-space"> </span><br style="line-height: 28px" />@="cmd.exe /c \"TITLE Removing SVN Folders in %1 && COLOR 9A && FOR /r \"%1\" %%f IN (.svn) DO RD /s /q \"%%f\" \""</p> <p style="text-align: left; padding-bottom: 0px; text-transform: none; background-color: rgb(255,255,255); text-indent: 0px; margin: 0px 0px 10px; padding-left: 0px; padding-right: 0px; font: 16px/28px 'Hiragino Sans GB W3', 'Hiragino Sans GB', Arial, Helvetica, simsun, u5b8bu4f53; white-space: normal; letter-spacing: normal; color: rgb(13,13,13); word-spacing: 0px; padding-top: 0px; -webkit-text-stroke-width: 0px"><br style="line-height: 28px" />鎶婁笂闈㈣繖娈垫枃瀛椾繚瀛橀棶涓涓狣one.reg鏂囦欢<br style="line-height: 28px" />鐒跺悗鎵ц,瀵煎叆鍒版敞鍐岃〃<br style="line-height: 28px" />灏变細鍦ㄤ綘鍙抽敭涓涓枃浠跺す鐨勬椂鍊欏鍑烘潵涓涓彍鍗?鍒犻櫎璇ョ洰褰曚笅闈?svn鏂囦欢"<br style="line-height: 28px" />鎵ц璇ュ懡浠ゅ嵆鍙?/p> <p align="left"> </p><img src ="//www.cqk4s.cn/hello-yun/aggbug/407259.html" width = "1" height = "1" /><br><br><div align=right><a style="text-decoration:none;" href="//www.cqk4s.cn/hello-yun/" target="_blank">浜戜簯</a> 2013-12-05 17:17 <a href="//www.cqk4s.cn/hello-yun/archive/2013/12/05/407259.html#Feedback" target="_blank" style="text-decoration:none;">鍙戣〃璇勮</a></div>]]></description></item><item><title>mybatis No enum const class org.apache.ibatis.type.JdbcType.Date 鍧戠埞鐨勯厤缃?/title><link>//www.cqk4s.cn/hello-yun/archive/2013/11/26/406862.html</link><dc:creator>浜戜簯</dc:creator><author>浜戜簯</author><pubDate>Tue, 26 Nov 2013 13:02:00 GMT</pubDate><guid>//www.cqk4s.cn/hello-yun/archive/2013/11/26/406862.html</guid><wfw:comment>//www.cqk4s.cn/hello-yun/comments/406862.html</wfw:comment><comments>//www.cqk4s.cn/hello-yun/archive/2013/11/26/406862.html#Feedback</comments><slash:comments>1</slash:comments><wfw:commentRss>//www.cqk4s.cn/hello-yun/comments/commentRss/406862.html</wfw:commentRss><trackback:ping>//www.cqk4s.cn/hello-yun/services/trackbacks/406862.html</trackback:ping><description><![CDATA[鍦╥batis涓笉闇瑕佸叧娉ㄨ繖浜涘弬鏁?鑰岃浆鍒癿ybatis鍚?濡傛灉瀛楁鍊间负绌?蹇呴』璁剧疆jdbcType<br />濡?br />insert into testTable<br />   (ID,<br />   NAME,<br />   DESCRIPTION,<br />   IMAGEURL,<br />   LINKURL,<br />   ISALWAYS,<br />   ISDISPLAYINDEX,<br />   DISPLAYWEIGHT,<br />   STARTTIME,<br />   ENDTIME,<br />   CREATOR,<br />   CREATTIME,<br />   MODIFYTIME)<br />  values<br />   (SEQ_ACTIVITY_TABLE.NEXTVAL,<br />   #{name},<br />   #{desc,jdbcType=VARCHAR},<br />   #{imageUrl,jdbcType=VARCHAR},<br />   #{linkUrl,jdbcType=VARCHAR},<br />   #{isAlways,jdbcType=CHAR},<br />   #{isDisplayIndex,jdbcType=CHAR},<br />   #{displayWeight,jdbcType=VARCHAR},<br />   #{startTime,jdbcType=DATE},<br />   #{endTime,jdbcType=DATE},<br />   #{creator,jdbcType=VARCHAR},<br />   sysdate,<br />   sysdate<br />   )<br /> </insert><br /><br />杩欎簺璁剧疆涔嬪锛屽お鐑︿簡锛屾渶璁╀汉鐑︾殑鏄?nbsp; jdbcType = DATE锛岀被鍨嬭繕蹇呴』澶у啓锛屼笉鑳藉皬鍐欍?br />濡備笅闈㈢殑渚嬪瓙锛屽皢DATE 鏀规垚 Date 銆傜粨鏋滆浜哄緢鎶撶媯鍟婏紒锛侊紒<br />insert into testTable<br />   (ID,<br />   NAME,<br />   DESCRIPTION,<br />   IMAGEURL,<br />   LINKURL,<br />   ISALWAYS,<br />   ISDISPLAYINDEX,<br />   DISPLAYWEIGHT,<br />   STARTTIME,<br />   ENDTIME,<br />   CREATOR,<br />   CREATTIME,<br />   MODIFYTIME)<br />  values<br />   (SEQ_ACTIVITY_TABLE.NEXTVAL,<br />   #{name},<br />   #{desc,jdbcType=VARCHAR},<br />   #{imageUrl,jdbcType=VARCHAR},<br />   #{linkUrl,jdbcType=VARCHAR},<br />   #{isAlways,jdbcType=CHAR},<br />   #{isDisplayIndex,jdbcType=CHAR},<br />   #{displayWeight,jdbcType=VARCHAR},<br />   #{startTime,jdbcType=Date},<br />   #{endTime,jdbcType=DATE},<br />   #{creator,jdbcType=VARCHAR},<br />   sysdate,<br />   sysdate<br />   )<br /> </insert><br /><pre style="line-height: normal; text-transform: none; font-variant: normal; font-style: normal; text-indent: 0px; letter-spacing: normal; color: rgb(0,0,0); font-weight: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px">org.mybatis.spring.MyBatisSystemException: nested exception is org.apache.ibatis.builder.BuilderException: Error resolving JdbcType. Cause: java.lang.IllegalArgumentException: No enum const class org.apache.ibatis.type.JdbcType.Date org.mybatis.spring.MyBatisExceptionTranslator.translateExceptionIfPossible(MyBatisExceptionTranslator.java:75) org.mybatis.spring.SqlSessionTemplate$SqlSessionInterceptor.invoke(SqlSessionTemplate.java:368)</pre>鏇村潙鐖圭殑鍦ㄥ悗闈紝涓婇潰insert鏃剁殑鏃跺欑敤#{endTime,jdbcType=DATE},鍙互灏嗘椂闂存彃鍏ユ垚鍔燂紝涓斿彲浠ョ簿纭埌鏃跺垎绉?br />浣嗗鏋滃湪update璇彞涓篃杩欐牱浣跨敤锛岄偅浣犲緱鍒扮殑鍙細鏈夋棩鏈燂紝杩欏鍧戠埞鐨勪簡鍚?锛屽凹鐜?nbsp; 姣旇捣ibatis鏂逛究涔嬪宸繙浜?br />瑕佹兂鍦╱pdate璇彞涓?灏嗘椂闂存牸寮忓寲鎴愭椂鍒嗙 涓嶅緱涓嶅啀鍔犱竴涓被鍨?濡備笅闈細<br />startTime = #{startTime,javaType=DATE, jdbcType=VARCHAR} <br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><img src ="//www.cqk4s.cn/hello-yun/aggbug/406862.html" width = "1" height = "1" /><br><br><div align=right><a style="text-decoration:none;" href="//www.cqk4s.cn/hello-yun/" target="_blank">浜戜簯</a> 2013-11-26 21:02 <a href="//www.cqk4s.cn/hello-yun/archive/2013/11/26/406862.html#Feedback" target="_blank" style="text-decoration:none;">鍙戣〃璇勮</a></div>]]></description></item><item><title>璧拌繃璺繃 涓嶈閿欒繃鐨勫ソ鏂囩珷 CSRF 闃插尽鏂规硶閫夋嫨涔嬮亾 - ▼幸运赛车规则▼幸运赛车投注▼幸运赛车开奖结果查询▼湖南幸运赛车开奖奖金▼幸运赛车走势▼//www.cqk4s.cn/hello-yun/archive/2013/11/05/406028.html浜戜簯浜戜簯Tue, 05 Nov 2013 12:53:00 GMT//www.cqk4s.cn/hello-yun/archive/2013/11/05/406028.html//www.cqk4s.cn/hello-yun/comments/406028.html//www.cqk4s.cn/hello-yun/archive/2013/11/05/406028.html#Feedback0//www.cqk4s.cn/hello-yun/comments/commentRss/406028.html//www.cqk4s.cn/hello-yun/services/trackbacks/406028.htmlCSRF 鑳屾櫙涓庝粙缁?/strong>

CSRF锛圕ross Site Request Forgery, 璺ㄧ珯鍩熻姹備吉閫狅級鏄竴绉嶇綉缁滅殑鏀诲嚮鏂瑰紡锛屽畠鍦?2007 骞存浘琚垪涓轰簰鑱旂綉 20 澶у畨鍏ㄩ殣鎮d箣涓銆傚叾浠栧畨鍏ㄩ殣鎮o紝姣斿 SQL 鑴氭湰娉ㄥ叆锛岃法绔欏煙鑴氭湰鏀诲嚮绛夊湪杩戝勾鏉ュ凡缁忛愭笎涓轰紬浜虹啛鐭ワ紝寰堝缃戠珯涔熼兘閽堝浠栦滑杩涜浜嗛槻寰°傜劧鑰岋紝瀵逛簬澶у鏁颁汉鏉ヨ锛孋SRF 鍗翠緷鐒舵槸涓涓檶鐢熺殑姒傚康銆傚嵆渚挎槸澶у悕榧庨紟鐨?Gmail, 鍦?2007 骞村簳涔熷瓨鍦ㄧ潃 CSRF 婕忔礊锛屼粠鑰岃榛戝鏀诲嚮鑰屼娇 Gmail 鐨勭敤鎴烽犳垚宸ㄥぇ鐨勬崯澶便?/p>

CSRF 鏀诲嚮瀹炰緥

CSRF 鏀诲嚮鍙互鍦ㄥ彈瀹宠呮涓嶇煡鎯呯殑鎯呭喌涓嬩互鍙楀鑰呭悕涔変吉閫犺姹傚彂閫佺粰鍙楁敾鍑荤珯鐐癸紝浠庤屽湪骞舵湭鎺堟潈鐨勬儏鍐典笅鎵ц鍦ㄦ潈闄愪繚鎶や箣涓嬬殑鎿嶄綔銆傛瘮濡傝锛屽彈瀹宠?Bob 鍦ㄩ摱琛屾湁涓绗斿瓨娆撅紝閫氳繃瀵归摱琛岀殑缃戠珯鍙戦佽姹?//bank.example/withdraw?account=bob&amount=1000000&for=bob2 鍙互浣?Bob 鎶?1000000 鐨勫瓨娆捐浆鍒?bob2 鐨勮处鍙蜂笅銆傞氬父鎯呭喌涓嬶紝璇ヨ姹傚彂閫佸埌缃戠珯鍚庯紝鏈嶅姟鍣ㄤ細鍏堥獙璇佽璇锋眰鏄惁鏉ヨ嚜涓涓悎娉曠殑 session锛屽苟涓旇 session 鐨勭敤鎴?Bob 宸茬粡鎴愬姛鐧婚檰銆傞粦瀹?Mallory 鑷繁鍦ㄨ閾惰涔熸湁璐︽埛锛屼粬鐭ラ亾涓婃枃涓殑 URL 鍙互鎶婇挶杩涜杞笎鎿嶄綔銆侻allory 鍙互鑷繁鍙戦佷竴涓姹傜粰閾惰锛//bank.example/withdraw?account=bob&amount=1000000&for=Mallory銆備絾鏄繖涓姹傛潵鑷?Mallory 鑰岄潪 Bob锛屼粬涓嶈兘閫氳繃瀹夊叏璁よ瘉锛屽洜姝よ璇锋眰涓嶄細璧蜂綔鐢ㄣ傝繖鏃讹紝Mallory 鎯冲埌浣跨敤 CSRF 鐨勬敾鍑绘柟寮忥紝浠栧厛鑷繁鍋氫竴涓綉绔欙紝鍦ㄧ綉绔欎腑鏀惧叆濡備笅浠g爜锛?src=”//bank.example/withdraw?account=bob&amount=1000000&for=Mallory ”锛屽苟涓旈氳繃骞垮憡绛夎浣?Bob 鏉ヨ闂粬鐨勭綉绔欍傚綋 Bob 璁块棶璇ョ綉绔欐椂锛屼笂杩?url 灏变細浠?Bob 鐨勬祻瑙堝櫒鍙戝悜閾惰锛岃岃繖涓姹備細闄勫甫 Bob 娴忚鍣ㄤ腑鐨?cookie 涓璧峰彂鍚戦摱琛屾湇鍔″櫒銆傚ぇ澶氭暟鎯呭喌涓嬶紝璇ヨ姹備細澶辫触锛屽洜涓轰粬瑕佹眰 Bob 鐨勮璇佷俊鎭備絾鏄紝濡傛灉 Bob 褰撴椂鎭板阀鍒氳闂粬鐨勯摱琛屽悗涓嶄箙锛屼粬鐨勬祻瑙堝櫒涓庨摱琛岀綉绔欎箣闂寸殑 session 灏氭湭杩囨湡锛屾祻瑙堝櫒鐨?cookie 涔嬩腑鍚湁 Bob 鐨勮璇佷俊鎭傝繖鏃讹紝鎮插墽鍙戠敓浜嗭紝杩欎釜 url 璇锋眰灏变細寰楀埌鍝嶅簲锛岄挶灏嗕粠 Bob 鐨勮处鍙疯浆绉诲埌 Mallory 鐨勮处鍙凤紝鑰?Bob 褰撴椂姣笉鐭ユ儏銆傜瓑浠ュ悗 Bob 鍙戠幇璐︽埛閽卞皯浜嗭紝鍗充娇浠栧幓閾惰鏌ヨ鏃ュ織锛屼粬涔熷彧鑳藉彂鐜扮‘瀹炴湁涓涓潵鑷簬浠栨湰浜虹殑鍚堟硶璇锋眰杞Щ浜嗚祫閲戯紝娌℃湁浠讳綍琚敾鍑荤殑鐥曡抗銆傝?Mallory 鍒欏彲浠ユ嬁鍒伴挶鍚庨嶉仴娉曞銆?/p>

CSRF 鏀诲嚮鐨勫璞?/strong>

鍦ㄨ璁哄浣曟姷寰?CSRF 涔嬪墠锛屽厛瑕佹槑纭?CSRF 鏀诲嚮鐨勫璞★紝涔熷氨鏄淇濇姢鐨勫璞°備粠浠ヤ笂鐨勪緥瀛愬彲鐭ワ紝CSRF 鏀诲嚮鏄粦瀹㈠熷姪鍙楀鑰呯殑 cookie 楠楀彇鏈嶅姟鍣ㄧ殑淇′换锛屼絾鏄粦瀹㈠苟涓嶈兘鎷垮埌 cookie锛屼篃鐪嬩笉鍒?cookie 鐨勫唴瀹广傚彟澶栵紝瀵逛簬鏈嶅姟鍣ㄨ繑鍥炵殑缁撴灉锛岀敱浜庢祻瑙堝櫒鍚屾簮绛栫暐鐨勯檺鍒讹紝榛戝涔熸棤娉曡繘琛岃В鏋愩傚洜姝わ紝榛戝鏃犳硶浠庤繑鍥炵殑缁撴灉涓緱鍒颁换浣曚笢瑗匡紝浠栨墍鑳藉仛鐨勫氨鏄粰鏈嶅姟鍣ㄥ彂閫佽姹傦紝浠ユ墽琛岃姹備腑鎵鎻忚堪鐨勫懡浠わ紝鍦ㄦ湇鍔″櫒绔洿鎺ユ敼鍙樻暟鎹殑鍊硷紝鑰岄潪绐冨彇鏈嶅姟鍣ㄤ腑鐨勬暟鎹傛墍浠ワ紝鎴戜滑瑕佷繚鎶ょ殑瀵硅薄鏄偅浜涘彲浠ョ洿鎺ヤ骇鐢熸暟鎹敼鍙樼殑鏈嶅姟锛岃屽浜庤鍙栨暟鎹殑鏈嶅姟锛屽垯涓嶉渶瑕佽繘琛?CSRF 鐨勪繚鎶ゃ傛瘮濡傞摱琛岀郴缁熶腑杞处鐨勮姹備細鐩存帴鏀瑰彉璐︽埛鐨勯噾棰濓紝浼氶伃鍒?CSRF 鏀诲嚮锛岄渶瑕佷繚鎶ゃ傝屾煡璇綑棰濇槸瀵归噾棰濈殑璇诲彇鎿嶄綔锛屼笉浼氭敼鍙樻暟鎹紝CSRF 鏀诲嚮鏃犳硶瑙f瀽鏈嶅姟鍣ㄨ繑鍥炵殑缁撴灉锛屾棤闇淇濇姢銆?/p>

褰撳墠闃插尽 CSRF 鐨勫嚑绉嶇瓥鐣?/strong>

鍦ㄤ笟鐣岀洰鍓嶉槻寰?CSRF 鏀诲嚮涓昏鏈変笁绉嶇瓥鐣ワ細楠岃瘉 HTTP Referer 瀛楁锛涘湪璇锋眰鍦板潃涓坊鍔?token 骞堕獙璇侊紱鍦?HTTP 澶翠腑鑷畾涔夊睘鎬у苟楠岃瘉銆備笅闈㈠氨鍒嗗埆瀵硅繖涓夌绛栫暐杩涜璇︾粏浠嬬粛銆?/p>

楠岃瘉 HTTP Referer 瀛楁

鏍规嵁 HTTP 鍗忚锛屽湪 HTTP 澶翠腑鏈変竴涓瓧娈靛彨 Referer锛屽畠璁板綍浜嗚 HTTP 璇锋眰鐨勬潵婧愬湴鍧銆傚湪閫氬父鎯呭喌涓嬶紝璁块棶涓涓畨鍏ㄥ彈闄愰〉闈㈢殑璇锋眰鏉ヨ嚜浜庡悓涓涓綉绔欙紝姣斿闇瑕佽闂?//bank.example/withdraw?account=bob&amount=1000000&for=Mallory锛岀敤鎴峰繀椤诲厛鐧婚檰 bank.example锛岀劧鍚庨氳繃鐐瑰嚮椤甸潰涓婄殑鎸夐挳鏉ヨЕ鍙戣浆璐︿簨浠躲傝繖鏃讹紝璇ヨ浆甯愯姹傜殑 Referer 鍊煎氨浼氭槸杞处鎸夐挳鎵鍦ㄧ殑椤甸潰鐨?URL锛岄氬父鏄互 bank.example 鍩熷悕寮澶寸殑鍦板潃銆傝屽鏋滈粦瀹㈣瀵归摱琛岀綉绔欏疄鏂?CSRF 鏀诲嚮锛屼粬鍙兘鍦ㄤ粬鑷繁鐨勭綉绔欐瀯閫犺姹傦紝褰撶敤鎴烽氳繃榛戝鐨勭綉绔欏彂閫佽姹傚埌閾惰鏃讹紝璇ヨ姹傜殑 Referer 鏄寚鍚戦粦瀹㈣嚜宸辩殑缃戠珯銆傚洜姝わ紝瑕侀槻寰?CSRF 鏀诲嚮锛岄摱琛岀綉绔欏彧闇瑕佸浜庢瘡涓涓浆璐﹁姹傞獙璇佸叾 Referer 鍊硷紝濡傛灉鏄互 bank.example 寮澶寸殑鍩熷悕锛屽垯璇存槑璇ヨ姹傛槸鏉ヨ嚜閾惰缃戠珯鑷繁鐨勮姹傦紝鏄悎娉曠殑銆傚鏋?Referer 鏄叾浠栫綉绔欑殑璇濓紝鍒欐湁鍙兘鏄粦瀹㈢殑 CSRF 鏀诲嚮锛屾嫆缁濊璇锋眰銆?/p>

杩欑鏂规硶鐨勬樉鑰屾槗瑙佺殑濂藉灏辨槸绠鍗曟槗琛岋紝缃戠珯鐨勬櫘閫氬紑鍙戜汉鍛樹笉闇瑕佹搷蹇?CSRF 鐨勬紡娲烇紝鍙渶瑕佸湪鏈鍚庣粰鎵鏈夊畨鍏ㄦ晱鎰熺殑璇锋眰缁熶竴澧炲姞涓涓嫤鎴櫒鏉ユ鏌?Referer 鐨勫煎氨鍙互銆傜壒鍒槸瀵逛簬褰撳墠鐜版湁鐨勭郴缁燂紝涓嶉渶瑕佹敼鍙樺綋鍓嶇郴缁熺殑浠讳綍宸叉湁浠g爜鍜岄昏緫锛屾病鏈夐闄╋紝闈炲父渚挎嵎銆?/p>

鐒惰岋紝杩欑鏂规硶骞堕潪涓囨棤涓澶便俁eferer 鐨勫兼槸鐢辨祻瑙堝櫒鎻愪緵鐨勶紝铏界劧 HTTP 鍗忚涓婃湁鏄庣‘鐨勮姹傦紝浣嗘槸姣忎釜娴忚鍣ㄥ浜?Referer 鐨勫叿浣撳疄鐜板彲鑳芥湁宸埆锛屽苟涓嶈兘淇濊瘉娴忚鍣ㄨ嚜韬病鏈夊畨鍏ㄦ紡娲炪備娇鐢ㄩ獙璇?Referer 鍊肩殑鏂规硶锛屽氨鏄妸瀹夊叏鎬ч兘渚濊禆浜庣涓夋柟锛堝嵆娴忚鍣級鏉ヤ繚闅滐紝浠庣悊璁轰笂鏉ヨ锛岃繖鏍峰苟涓嶅畨鍏ㄣ備簨瀹炰笂锛屽浜庢煇浜涙祻瑙堝櫒锛屾瘮濡?IE6 鎴?FF2锛岀洰鍓嶅凡缁忔湁涓浜涙柟娉曞彲浠ョ鏀?Referer 鍊笺傚鏋?bank.example 缃戠珯鏀寔 IE6 娴忚鍣紝榛戝瀹屽叏鍙互鎶婄敤鎴锋祻瑙堝櫒鐨?Referer 鍊艰涓轰互 bank.example 鍩熷悕寮澶寸殑鍦板潃锛岃繖鏍峰氨鍙互閫氳繃楠岃瘉锛屼粠鑰岃繘琛?CSRF 鏀诲嚮銆?/p>

鍗充究鏄娇鐢ㄦ渶鏂扮殑娴忚鍣紝榛戝鏃犳硶绡℃敼 Referer 鍊硷紝杩欑鏂规硶浠嶇劧鏈夐棶棰樸傚洜涓?Referer 鍊间細璁板綍涓嬬敤鎴风殑璁块棶鏉ユ簮锛屾湁浜涚敤鎴疯涓鸿繖鏍蜂細渚电姱鍒颁粬浠嚜宸辩殑闅愮鏉冿紝鐗瑰埆鏄湁浜涚粍缁囨媴蹇?Referer 鍊间細鎶婄粍缁囧唴缃戜腑鐨勬煇浜涗俊鎭硠闇插埌澶栫綉涓傚洜姝わ紝鐢ㄦ埛鑷繁鍙互璁剧疆娴忚鍣ㄤ娇鍏跺湪鍙戦佽姹傛椂涓嶅啀鎻愪緵 Referer銆傚綋浠栦滑姝e父璁块棶閾惰缃戠珯鏃讹紝缃戠珯浼氬洜涓鸿姹傛病鏈?Referer 鍊艰岃涓烘槸 CSRF 鏀诲嚮锛屾嫆缁濆悎娉曠敤鎴风殑璁块棶銆?/p>

鍦ㄨ姹傚湴鍧涓坊鍔?token 骞堕獙璇?/strong>

CSRF 鏀诲嚮涔嬫墍浠ヨ兘澶熸垚鍔燂紝鏄洜涓洪粦瀹㈠彲浠ュ畬鍏ㄤ吉閫犵敤鎴风殑璇锋眰锛岃璇锋眰涓墍鏈夌殑鐢ㄦ埛楠岃瘉淇℃伅閮芥槸瀛樺湪浜?cookie 涓紝鍥犳榛戝鍙互鍦ㄤ笉鐭ラ亾杩欎簺楠岃瘉淇℃伅鐨勬儏鍐典笅鐩存帴鍒╃敤鐢ㄦ埛鑷繁鐨?cookie 鏉ラ氳繃瀹夊叏楠岃瘉銆傝鎶靛尽 CSRF锛屽叧閿湪浜庡湪璇锋眰涓斁鍏ラ粦瀹㈡墍涓嶈兘浼犵殑淇℃伅锛屽苟涓旇淇℃伅涓嶅瓨鍦ㄤ簬 cookie 涔嬩腑銆傚彲浠ュ湪 HTTP 璇锋眰涓互鍙傛暟鐨勫舰寮忓姞鍏ヤ竴涓殢鏈轰骇鐢熺殑 token锛屽苟鍦ㄦ湇鍔″櫒绔缓绔嬩竴涓嫤鎴櫒鏉ラ獙璇佽繖涓?token锛屽鏋滆姹備腑娌℃湁 token 鎴栬?token 鍐呭涓嶆纭紝鍒欒涓哄彲鑳芥槸 CSRF 鏀诲嚮鑰屾嫆缁濊璇锋眰銆?/p>

杩欑鏂规硶瑕佹瘮妫鏌?Referer 瑕佸畨鍏ㄤ竴浜涳紝token 鍙互鍦ㄧ敤鎴风櫥闄嗗悗浜х敓骞舵斁浜?session 涔嬩腑锛岀劧鍚庡湪姣忔璇锋眰鏃舵妸 token 浠?session 涓嬁鍑猴紝涓庤姹備腑鐨?token 杩涜姣斿锛屼絾杩欑鏂规硶鐨勯毦鐐瑰湪浜庡浣曟妸 token 浠ュ弬鏁扮殑褰㈠紡鍔犲叆璇锋眰銆傚浜?GET 璇锋眰锛宼oken 灏嗛檮鍦ㄨ姹傚湴鍧涔嬪悗锛岃繖鏍?URL 灏卞彉鎴?//url?csrftoken=tokenvalue銆?鑰屽浜?POST 璇锋眰鏉ヨ锛岃鍦?form 鐨勬渶鍚庡姞涓?<input type=”hidden” name=”csrftoken” value=”tokenvalue”/>锛岃繖鏍峰氨鎶?token 浠ュ弬鏁扮殑褰㈠紡鍔犲叆璇锋眰浜嗐備絾鏄紝鍦ㄤ竴涓綉绔欎腑锛屽彲浠ユ帴鍙楄姹傜殑鍦版柟闈炲父澶氾紝瑕佸浜庢瘡涓涓姹傞兘鍔犱笂 token 鏄緢楹荤儲鐨勶紝骞朵笖寰堝鏄撴紡鎺夛紝閫氬父浣跨敤鐨勬柟娉曞氨鏄湪姣忔椤甸潰鍔犺浇鏃讹紝浣跨敤 javascript 閬嶅巻鏁翠釜 dom 鏍戯紝瀵逛簬 dom 涓墍鏈夌殑 a 鍜?form 鏍囩鍚庡姞鍏?token銆傝繖鏍峰彲浠ヨВ鍐冲ぇ閮ㄥ垎鐨勮姹傦紝浣嗘槸瀵逛簬鍦ㄩ〉闈㈠姞杞戒箣鍚庡姩鎬佺敓鎴愮殑 html 浠g爜锛岃繖绉嶆柟娉曞氨娌℃湁浣滅敤锛岃繕闇瑕佺▼搴忓憳鍦ㄧ紪鐮佹椂鎵嬪姩娣诲姞 token銆?/p>

璇ユ柟娉曡繕鏈変竴涓己鐐规槸闅句互淇濊瘉 token 鏈韩鐨勫畨鍏ㄣ傜壒鍒槸鍦ㄤ竴浜涜鍧涗箣绫绘敮鎸佺敤鎴疯嚜宸卞彂琛ㄥ唴瀹圭殑缃戠珯锛岄粦瀹㈠彲浠ュ湪涓婇潰鍙戝竷鑷繁涓汉缃戠珯鐨勫湴鍧銆傜敱浜庣郴缁熶篃浼氬湪杩欎釜鍦板潃鍚庨潰鍔犱笂 token锛岄粦瀹㈠彲浠ュ湪鑷繁鐨勭綉绔欎笂寰楀埌杩欎釜 token锛屽苟椹笂灏卞彲浠ュ彂鍔?CSRF 鏀诲嚮銆備负浜嗛伩鍏嶈繖涓鐐癸紝绯荤粺鍙互鍦ㄦ坊鍔?token 鐨勬椂鍊欏鍔犱竴涓垽鏂紝濡傛灉杩欎釜閾炬帴鏄摼鍒拌嚜宸辨湰绔欑殑锛屽氨鍦ㄥ悗闈㈡坊鍔?token锛屽鏋滄槸閫氬悜澶栫綉鍒欎笉鍔犮備笉杩囷紝鍗充娇杩欎釜 csrftoken 涓嶄互鍙傛暟鐨勫舰寮忛檮鍔犲湪璇锋眰涔嬩腑锛岄粦瀹㈢殑缃戠珯涔熷悓鏍峰彲浠ラ氳繃 Referer 鏉ュ緱鍒拌繖涓?token 鍊间互鍙戝姩 CSRF 鏀诲嚮銆傝繖涔熸槸涓浜涚敤鎴峰枩娆㈡墜鍔ㄥ叧闂祻瑙堝櫒 Referer 鍔熻兘鐨勫師鍥犮?/p>

鍦?HTTP 澶翠腑鑷畾涔夊睘鎬у苟楠岃瘉

杩欑鏂规硶涔熸槸浣跨敤 token 骞惰繘琛岄獙璇侊紝鍜屼笂涓绉嶆柟娉曚笉鍚岀殑鏄紝杩欓噷骞朵笉鏄妸 token 浠ュ弬鏁扮殑褰㈠紡缃簬 HTTP 璇锋眰涔嬩腑锛岃屾槸鎶婂畠鏀惧埌 HTTP 澶翠腑鑷畾涔夌殑灞炴ч噷銆傞氳繃 XMLHttpRequest 杩欎釜绫伙紝鍙互涓娆℃х粰鎵鏈夎绫昏姹傚姞涓?csrftoken 杩欎釜 HTTP 澶村睘鎬э紝骞舵妸 token 鍊兼斁鍏ュ叾涓傝繖鏍疯В鍐充簡涓婄鏂规硶鍦ㄨ姹備腑鍔犲叆 token 鐨勪笉渚匡紝鍚屾椂锛岄氳繃 XMLHttpRequest 璇锋眰鐨勫湴鍧涓嶄細琚褰曞埌娴忚鍣ㄧ殑鍦板潃鏍忥紝涔熶笉鐢ㄦ媴蹇?token 浼氶忚繃 Referer 娉勯湶鍒板叾浠栫綉绔欎腑鍘汇?/p>

鐒惰岃繖绉嶆柟娉曠殑灞闄愭ч潪甯稿ぇ銆俋MLHttpRequest 璇锋眰閫氬父鐢ㄤ簬 Ajax 鏂规硶涓浜庨〉闈㈠眬閮ㄧ殑寮傛鍒锋柊锛屽苟闈炴墍鏈夌殑璇锋眰閮介傚悎鐢ㄨ繖涓被鏉ュ彂璧凤紝鑰屼笖閫氳繃璇ョ被璇锋眰寰楀埌鐨勯〉闈笉鑳借娴忚鍣ㄦ墍璁板綍涓嬶紝浠庤岃繘琛屽墠杩涳紝鍚庨锛屽埛鏂帮紝鏀惰棌绛夋搷浣滐紝缁欑敤鎴峰甫鏉ヤ笉渚裤傚彟澶栵紝瀵逛簬娌℃湁杩涜 CSRF 闃叉姢鐨勯仐鐣欑郴缁熸潵璇达紝瑕侀噰鐢ㄨ繖绉嶆柟娉曟潵杩涜闃叉姢锛岃鎶婃墍鏈夎姹傞兘鏀逛负 XMLHttpRequest 璇锋眰锛岃繖鏍峰嚑涔庢槸瑕侀噸鍐欐暣涓綉绔欙紝杩欎唬浠锋棤鐤戞槸涓嶈兘鎺ュ彈鐨勩?/p>

Java 浠g爜绀轰緥

涓嬫枃灏嗕互 Java 涓轰緥锛屽涓婅堪涓夌鏂规硶鍒嗗埆鐢ㄤ唬鐮佽繘琛岀ず渚嬨傛棤璁轰娇鐢ㄤ綍绉嶆柟娉曪紝鍦ㄦ湇鍔″櫒绔殑鎷︽埅鍣ㄥ繀涓嶅彲灏戯紝瀹冨皢璐熻矗妫鏌ュ埌鏉ョ殑璇锋眰鏄惁绗﹀悎瑕佹眰锛岀劧鍚庤缁撴灉鑰屽喅瀹氭槸鍚︾户缁姹傛垨鑰呬涪寮冦傚湪 Java 涓紝鎷︽埅鍣ㄦ槸鐢?Filter 鏉ュ疄鐜扮殑銆傛垜浠彲浠ョ紪鍐欎竴涓?Filter锛屽苟鍦?web.xml 涓鍏惰繘琛岄厤缃紝浣垮叾瀵逛簬璁块棶鎵鏈夐渶瑕?CSRF 淇濇姢鐨勮祫婧愮殑璇锋眰杩涜鎷︽埅銆?/p>

鍦?filter 涓璇锋眰鐨?Referer 楠岃瘉浠g爜濡備笅
娓呭崟 1. 鍦?Filter 涓獙璇?Referer

1
2
3
4
5
6
7
8
// 浠?HTTP 澶翠腑鍙栧緱 Referer 鍊?
 String referer=request.getHeader("Referer"); 
 // 鍒ゆ柇 Referer 鏄惁浠?bank.example 寮澶?
 if((referer!=null) &&(referer.trim().startsWith(“bank.example”))){ 
    chain.doFilter(request, response); 
 }else
    request.getRequestDispatcher(“error.jsp”).forward(request,response); 
 }

浠ヤ笂浠g爜鍏堝彇寰?Referer 鍊硷紝鐒跺悗杩涜鍒ゆ柇锛屽綋鍏堕潪绌哄苟浠?bank.example 寮澶存椂锛屽垯缁х画璇锋眰锛屽惁鍒欑殑璇濆彲鑳芥槸 CSRF 鏀诲嚮锛岃浆鍒?error.jsp 椤甸潰銆?/p>

濡傛灉瑕佽繘涓姝ラ獙璇佽姹備腑鐨?token 鍊硷紝浠g爜濡備笅

1
<em><strong>娓呭崟 2. 鍦?filter 涓獙璇佽姹備腑鐨?lt;/strong></em> token
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HttpServletRequest req = (HttpServletRequest)request; 
 HttpSession s = req.getSession(); 
  
 // 浠?session 涓緱鍒?csrftoken 灞炴?
 String sToken = (String)s.getAttribute(“csrftoken”); 
 if(sToken == null){ 
  
    // 浜х敓鏂扮殑 token 鏀惧叆 session 涓?
    sToken = generateToken(); 
    s.setAttribute(“csrftoken”,sToken); 
    chain.doFilter(request, response); 
 } else
  
    // 浠?HTTP 澶翠腑鍙栧緱 csrftoken 
    String xhrToken = req.getHeader(“csrftoken”); 
  
    // 浠庤姹傚弬鏁颁腑鍙栧緱 csrftoken 
    String pToken = req.getParameter(“csrftoken”); 
    if(sToken != null && xhrToken != null && sToken.equals(xhrToken)){ 
        chain.doFilter(request, response); 
    }else if(sToken != null && pToken != null && sToken.equals(pToken)){ 
        chain.doFilter(request, response); 
    }else
        request.getRequestDispatcher(“error.jsp”).forward(request,response); 
    
 }

棣栧厛鍒ゆ柇 session 涓湁娌℃湁 csrftoken锛屽鏋滄病鏈夛紝鍒欒涓烘槸绗竴娆¤闂紝session 鏄柊寤虹珛鐨勶紝杩欐椂鐢熸垚涓涓柊鐨?token锛屾斁浜?session 涔嬩腑锛屽苟缁х画鎵ц璇锋眰銆傚鏋?session 涓凡缁忔湁 csrftoken锛屽垯璇存槑鐢ㄦ埛宸茬粡涓庢湇鍔″櫒涔嬮棿寤虹珛浜嗕竴涓椿璺冪殑 session锛岃繖鏃惰鐪嬭繖涓姹備腑鏈夋病鏈夊悓鏃堕檮甯﹁繖涓?token锛岀敱浜庤姹傚彲鑳芥潵鑷簬甯歌鐨勮闂垨鏄?XMLHttpRequest 寮傛璁块棶锛屾垜浠垎鍒皾璇曚粠璇锋眰涓幏鍙?csrftoken 鍙傛暟浠ュ強浠?HTTP 澶翠腑鑾峰彇 csrftoken 鑷畾涔夊睘鎬у苟涓?session 涓殑鍊艰繘琛屾瘮杈冿紝鍙鏈変竴涓湴鏂瑰甫鏈夋湁鏁?token锛屽氨鍒ゅ畾璇锋眰鍚堟硶锛屽彲浠ョ户缁墽琛岋紝鍚﹀垯灏辫浆鍒伴敊璇〉闈€傜敓鎴?token 鏈夊緢澶氱鏂规硶锛屼换浣曠殑闅忔満绠楁硶閮藉彲浠ヤ娇鐢紝Java 鐨?UUID 绫讳篃鏄竴涓笉閿欑殑閫夋嫨銆?/p>

闄や簡鍦ㄦ湇鍔″櫒绔埄鐢?filter 鏉ラ獙璇?token 鐨勫间互澶栵紝鎴戜滑杩橀渶瑕佸湪瀹㈡埛绔粰姣忎釜璇锋眰闄勫姞涓婅繖涓?token锛岃繖鏄埄鐢?js 鏉ョ粰 html 涓殑閾炬帴鍜岃〃鍗曡姹傚湴鍧闄勫姞 csrftoken 浠g爜锛屽叾涓凡瀹氫箟 token 涓哄叏灞鍙橀噺锛屽叾鍊煎彲浠ヤ粠 session 涓緱鍒般?/p>

1
<em><strong>娓呭崟 3. 鍦ㄥ鎴风瀵逛簬璇锋眰闄勫姞</strong> </em>token
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
function appendToken(){ 
    updateForms(); 
    updateTags(); 
 
  
 function updateForms() { 
    // 寰楀埌椤甸潰涓墍鏈夌殑 form 鍏冪礌
    var forms = document.getElementsByTagName('form'); 
    for(i=0; i<forms.length; i++) { 
        var url = forms[i].action; 
  
        // 濡傛灉杩欎釜 form 鐨?action 鍊间负绌猴紝鍒欎笉闄勫姞 csrftoken 
        if(url == null || url == "" ) continue
  
        // 鍔ㄦ佺敓鎴?input 鍏冪礌锛屽姞鍏ュ埌 form 涔嬪悗
        var e = document.createElement("input"); 
        e.name = "csrftoken"
        e.value = token; 
        e.type="hidden"
        forms[i].appendChild(e); 
    
 
  
 function updateTags() { 
    var all = document.getElementsByTagName('a'); 
    var len = all.length; 
  
    // 閬嶅巻鎵鏈?a 鍏冪礌
    for(var i=0; i<len; i++) { 
        var e = all[i]; 
        updateTag(e, 'href', token); 
    
 
  
 function updateTag(element, attr, token) { 
    var location = element.getAttribute(attr); 
    if(location != null && location != '' '' ) { 
        var fragmentIndex = location.indexOf('#'); 
        var fragment = null
        if(fragmentIndex != -1){ 
  
            //url 涓惈鏈夊彧鐩稿綋椤电殑閿氭爣璁?
            fragment = location.substring(fragmentIndex); 
            location = location.substring(0,fragmentIndex); 
        
  
        var index = location.indexOf('?'); 
  
        if(index != -1) { 
            //url 涓凡鍚湁鍏朵粬鍙傛暟
            location = location + '&csrftoken=' + token; 
        } else
            //url 涓病鏈夊叾浠栧弬鏁?
            location = location + '?csrftoken=' + token; 
        
        if(fragment != null){ 
            location += fragment; 
        
  
        element.setAttribute(attr, location); 
    
 }

鍦ㄥ鎴风 html 涓紝涓昏鏄湁涓や釜鍦版柟闇瑕佸姞涓?token锛屼竴涓槸琛ㄥ崟 form锛屽彟涓涓氨鏄摼鎺?a銆傝繖娈典唬鐮侀鍏堥亶鍘嗘墍鏈夌殑 form锛屽湪 form 鏈鍚庢坊鍔犱竴闅愯棌瀛楁锛屾妸 csrftoken 鏀惧叆鍏朵腑銆傜劧鍚庯紝浠g爜閬嶅巻鎵鏈夌殑閾炬帴鏍囪 a锛屽湪鍏?href 灞炴т腑鍔犲叆 csrftoken 鍙傛暟銆傛敞鎰忓浜?a.href 鏉ヨ锛屽彲鑳借灞炴у凡缁忔湁鍙傛暟锛屾垨鑰呮湁閿氭爣璁般傚洜姝ら渶瑕佸垎鎯呭喌璁ㄨ锛屼互涓嶅悓鐨勬牸寮忔妸 csrftoken 鍔犲叆鍏朵腑銆?/p>

濡傛灉浣犵殑缃戠珯浣跨敤 XMLHttpRequest锛岄偅涔堣繕闇瑕佸湪 HTTP 澶翠腑鑷畾涔?csrftoken 灞炴э紝鍒╃敤 dojo.xhr 缁?XMLHttpRequest 鍔犱笂鑷畾涔夊睘鎬т唬鐮佸涓嬶細

1
<strong><em>娓呭崟 4. 鍦?HTTP 澶翠腑鑷畾涔夊睘鎬?lt;/em></strong>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
                 
var plainXhr = dojo.xhr; 
 
// 閲嶅啓 dojo.xhr 鏂规硶
dojo.xhr = function(method,args,hasBody) { 
   // 纭繚 header 瀵硅薄瀛樺湪
   args.headers = args.header || {}; 
 
   tokenValue = '<%=request.getSession(false).getAttribute("csrftoken")%>'
   var token = dojo.getObject("tokenValue"); 
 
   // 鎶?csrftoken 灞炴ф斁鍒板ご涓?
   args.headers["csrftoken"] = (token) ? token : "  "
   return plainXhr(method,args,hasBody); 
};

杩欓噷鏀瑰啓浜?dojo.xhr 鐨勬柟娉曪紝棣栧厛纭繚 dojo.xhr 涓瓨鍦?HTTP 澶达紝鐒跺悗鍦?args.headers 涓坊鍔?csrftoken 瀛楁锛屽苟鎶?token 鍊间粠 session 閲屾嬁鍑烘斁鍏ュ瓧娈典腑銆?/p>

CSRF 闃插尽鏂规硶閫夋嫨涔嬮亾

閫氳繃涓婃枃璁ㄨ鍙煡锛岀洰鍓嶄笟鐣屽簲瀵?CSRF 鏀诲嚮鏈変竴浜涘厠鍒舵柟娉曪紝浣嗘槸姣忕鏂规硶閮芥湁鍒╁紛锛屾病鏈変竴绉嶆柟娉曟槸瀹岀編鐨勩傚浣曢夋嫨鍚堥傜殑鏂规硶闈炲父閲嶈銆傚鏋滅綉绔欐槸涓涓幇鏈夌郴缁燂紝鎯宠鍦ㄦ渶鐭椂闂村唴鑾峰緱涓瀹氱▼搴︾殑 CSRF 鐨勪繚鎶わ紝閭d箞楠岃瘉 Referer 鐨勬柟娉曟槸鏈鏂逛究鐨勶紝瑕佹兂澧炲姞瀹夊叏鎬х殑璇濓紝鍙互閫夋嫨涓嶆敮鎸佷綆鐗堟湰娴忚鍣紝姣曠珶灏辩洰鍓嶆潵璇达紝IE7+, FF3+ 杩欑被楂樼増鏈祻瑙堝櫒鐨?Referer 鍊艰繕鏃犳硶琚鏀广?/p>

濡傛灉绯荤粺蹇呴』鏀寔 IE6锛屽苟涓斾粛鐒堕渶瑕侀珮瀹夊叏鎬с傞偅涔堝氨瑕佷娇鐢?token 鏉ヨ繘琛岄獙璇侊紝鍦ㄥぇ閮ㄥ垎鎯呭喌涓嬶紝浣跨敤 XmlHttpRequest 骞朵笉鍚堥傦紝token 鍙兘浠ュ弬鏁扮殑褰㈠紡鏀句簬璇锋眰涔嬩腑锛岃嫢浣犵殑绯荤粺涓嶆敮鎸佺敤鎴疯嚜宸卞彂甯冧俊鎭紝閭h繖绉嶇▼搴︾殑闃叉姢宸茬粡瓒冲锛屽惁鍒欑殑璇濓紝浣犱粛鐒堕毦浠ラ槻鑼?token 琚粦瀹㈢獌鍙栧苟鍙戝姩鏀诲嚮銆傚湪杩欑鎯呭喌涓嬶紝浣犻渶瑕佸皬蹇冭鍒掍綘缃戠珯鎻愪緵鐨勫悇绉嶆湇鍔★紝浠庝腑闂存壘鍑洪偅浜涘厑璁哥敤鎴疯嚜宸卞彂甯冧俊鎭殑閮ㄥ垎锛屾妸瀹冧滑涓庡叾浠栨湇鍔″垎寮锛屼娇鐢ㄤ笉鍚岀殑 token 杩涜淇濇姢锛岃繖鏍峰彲浠ユ湁鏁堟姷寰¢粦瀹㈠浜庝綘鍏抽敭鏈嶅姟鐨勬敾鍑伙紝鎶婂嵄瀹抽檷鍒版渶浣庛傛瘯绔燂紝鍒犻櫎鍒汉涓涓笘瀛愭瘮鐩存帴浠庡埆浜鸿处鍙蜂腑杞蛋澶х瑪瀛樻涓ラ噸绋嬪害瑕佽交鐨勫銆?/p>

濡傛灉鏄紑鍙戜竴涓叏鏂扮殑绯荤粺锛屽垯鎶靛尽 CSRF 鐨勯夋嫨瑕佸ぇ寰楀銆傜瑪鑰呭缓璁浜庨噸瑕佺殑鏈嶅姟锛屽彲浠ュ敖閲忎娇鐢?XMLHttpRequest 鏉ヨ闂紝杩欐牱澧炲姞 token 瑕佸鏄撳緢澶氥傚彟澶栧敖閲忛伩鍏嶅湪 js 浠g爜涓娇鐢ㄥ鏉傞昏緫鏉ユ瀯閫犲父瑙勭殑鍚屾璇锋眰鏉ヨ闂渶瑕?CSRF 淇濇姢鐨勮祫婧愶紝姣斿 window.location 鍜?document.createElement(“a”) 涔嬬被锛岃繖鏍蜂篃鍙互鍑忓皯鍦ㄩ檮鍔?token 鏃朵骇鐢熺殑涓嶅繀瑕佺殑楹荤儲銆?/p>

鏈鍚庯紝瑕佽浣?CSRF 涓嶆槸榛戝鍞竴鐨勬敾鍑绘墜娈碉紝鏃犺浣?CSRF 闃茶寖鏈夊涔堜弗瀵嗭紝濡傛灉浣犵郴缁熸湁鍏朵粬瀹夊叏婕忔礊锛屾瘮濡傝法绔欏煙鑴氭湰鏀诲嚮 XSS锛岄偅涔堥粦瀹㈠氨鍙互缁曡繃浣犵殑瀹夊叏闃叉姢锛屽睍寮鍖呮嫭 CSRF 鍦ㄥ唴鐨勫悇绉嶆敾鍑伙紝浣犵殑闃茬嚎灏嗗鍚岃櫄璁俱?/p>

鎬荤粨涓庡睍鏈?/strong>

鍙锛孋SRF 鏄竴绉嶅嵄瀹抽潪甯稿ぇ鐨勬敾鍑伙紝鍙堝緢闅句互闃茶寖銆傜洰鍓嶅嚑绉嶉槻寰$瓥鐣ヨ櫧鐒跺彲浠ュ緢澶х▼搴︿笂鎶靛尽 CSRF 鐨勬敾鍑伙紝浣嗗苟娌℃湁涓绉嶅畬缇庣殑瑙e喅鏂规銆備竴浜涙柊鐨勬柟妗堟鍦ㄧ爺绌朵箣涓紝姣斿瀵逛簬姣忔璇锋眰閮戒娇鐢ㄤ笉鍚岀殑鍔ㄦ佸彛浠わ紝鎶?Referer 鍜?token 鏂规缁撳悎璧锋潵锛岀敋鑷冲皾璇曚慨鏀?HTTP 瑙勮寖锛屼絾鏄繖浜涙柊鐨勬柟妗堝皻涓嶆垚鐔燂紝瑕佹寮忔姇鍏ヤ娇鐢ㄥ苟琚笟鐣屽箍涓烘帴鍙楄繕闇鏃舵棩銆傚湪杩欎箣鍓嶏紝鎴戜滑鍙湁鍏呭垎閲嶈 CSRF锛屾牴鎹郴缁熺殑瀹為檯鎯呭喌閫夋嫨鏈鍚堥傜殑绛栫暐锛岃繖鏍锋墠鑳芥妸 CSRF 鐨勫嵄瀹抽檷鍒版渶浣庛?/p>

]]>
  • 女性之声——全国妇联 2019-05-12
  • 中国科学家给2.2万年前的大熊猫测基因 2019-05-11
  • 有神论跟无神论的差别在哪你都不知道,还要扯啥呢。 2019-05-11
  • 福州五一广场举行“十一”升国旗仪式 2019-05-08
  • 强村带弱村结对共发展 2019-04-07
  • 父亲节,你知道 有几成“男人装”? 2019-03-28
  • 苹果-热门标签-华商生活 2019-03-10
  • “奥运新秀”亮相上海 亚帆联杯等你来看 2019-03-07
  • 蔡奇就历史文化遗产保护调研:把燕都金中都建设保护好 2019-02-23
  • 红曲美的绿盒子,绿色生活大不同 2019-02-23
  • 理发迎接世界杯 梅西粉丝将偶像笑脸“抛在脑后” 2018-11-26
  • 我省各类创业孵化载体累计“毕业”企业3054家 2018-11-26
  • 鸿山慈善会厦门佛事展举行义诊活动 赢得群众交口称赞 2018-11-24
  • 特色小镇里的税收服务 定海国地税多措并举提升效能 2018-11-24
  • 端午小长假我市旅游总收入同比增20.5% 2018-08-12