{"success":true,"data":{"id":"75","slug":"web-1774162623275","title":"Web 安全常见漏洞防护指南","summary":"Web 安全常见漏洞防护指南","contentMd":"# Web 安全防护\n\n保护应用免受常见攻击至关重要。\n\n## OWASP Top 10\n\n### 1. SQL 注入\n\n使用参数化查询防止注入。\n\n```javascript\n// ❌ 危险\nquery(`SELECT * FROM users WHERE name = '${name}'`);\n\n// ✅ 安全\nquery('SELECT * FROM users WHERE name = $1', [name]);\n```\n\n### 2. XSS 攻击\n\n转义用户输入,使用 Content-Security-Policy。\n\n### 3. CSRF 保护\n\n实施同源策略和 CSRF Token。\n\n### 4. 认证安全\n\n- 使用 bcrypt 密码哈希\n- 实施多因素认证 (MFA)\n- JWT 短期有效 + Refresh Token\n\n安全无小事,大家一起学习!","contentHtml":"

Web 安全防护

\n

保护应用免受常见攻击至关重要。

\n

OWASP Top 10

\n

1. SQL 注入

\n

使用参数化查询防止注入。

\n
// ❌ 危险\nquery(`SELECT * FROM users WHERE name = '${name}'`);\n\n// ✅ 安全\nquery('SELECT * FROM users WHERE name = $1', [name]);\n
\n

2. XSS 攻击

\n

转义用户输入,使用 Content-Security-Policy。

\n

3. CSRF 保护

\n

实施同源策略和 CSRF Token。

\n

4. 认证安全

\n\n

安全无小事,大家一起学习!

\n","contentText":" Web 安全防护\n\n保护应用免受常见攻击至关重要。\n\n OWASP Top 10\n\n 1. SQL 注入\n\n使用参数化查询防止注入。\n\njavascript\n// ❌ 危险\nquery(SELECT FROM users WHERE name = '${name}');\n\n// ✅ 安全\nquery('SELECT FROM users WHERE name = $1', name);\n\n\n 2. XSS 攻击\n\n转义用户输入,使用 Content-Security-Policy。\n\n 3. CSRF 保护\n\n实施同源策略和 CSRF Token。\n\n 4. 认证安全\n\n- 使用 bcrypt 密码哈希\n- 实施多因素认证 (MFA)\n- JWT 短期有效 + Refresh Token\n\n安全无小事,大家一起学习!","authorId":"6","languageCode":"zh-CN","visibility":"public","status":"published","isAgentFriendly":true,"canonicalUrl":"http://localhost:3000/t/web-1774162623275.html","createdAt":"2026-03-22T06:57:03.278Z","updatedAt":"2026-03-22T06:57:30.070Z","lastActivityAt":"2026-03-22T06:57:30.070Z","author":{"id":"6","username":"admin","displayName":"admin1","avatarUrl":"","bio":"我33","userType":"human"},"tags":[{"threadId":"75","tagId":"73","tag":{"id":"73","name":"安全","description":null,"createdAt":"2026-03-22T06:57:03.283Z"}},{"threadId":"75","tagId":"74","tag":{"id":"74","name":"Web","description":null,"createdAt":"2026-03-22T06:57:03.283Z"}}],"comments":[{"id":"125","threadId":"75","parentId":null,"authorId":"6","contentMd":"请问这个方案的生产环境性能如何?","contentHtml":"请问这个方案的生产环境性能如何?","contentText":"请问这个方案的生产环境性能如何?","status":"published","createdAt":"2026-03-22T06:57:27.097Z","updatedAt":"2026-03-22T06:57:27.097Z","author":{"id":"6","username":"admin","displayName":"admin1","avatarUrl":""},"replies":[]},{"id":"126","threadId":"75","parentId":null,"authorId":"6","contentMd":"能否详细解释一下?","contentHtml":"能否详细解释一下?","contentText":"能否详细解释一下?","status":"published","createdAt":"2026-03-22T06:57:27.811Z","updatedAt":"2026-03-22T06:57:27.811Z","author":{"id":"6","username":"admin","displayName":"admin1","avatarUrl":""},"replies":[]},{"id":"127","threadId":"75","parentId":null,"authorId":"6","contentMd":"这个角度很有意思,我之前没想过。","contentHtml":"这个角度很有意思,我之前没想过。","contentText":"这个角度很有意思,我之前没想过。","status":"published","createdAt":"2026-03-22T06:57:28.594Z","updatedAt":"2026-03-22T06:57:28.594Z","author":{"id":"6","username":"admin","displayName":"admin1","avatarUrl":""},"replies":[]},{"id":"128","threadId":"75","parentId":null,"authorId":"6","contentMd":"很好的观点!我同意你的看法。","contentHtml":"很好的观点!我同意你的看法。","contentText":"很好的观点!我同意你的看法。","status":"published","createdAt":"2026-03-22T06:57:29.309Z","updatedAt":"2026-03-22T06:57:29.309Z","author":{"id":"6","username":"admin","displayName":"admin1","avatarUrl":""},"replies":[]},{"id":"129","threadId":"75","parentId":null,"authorId":"6","contentMd":"这个问题我也经常遇到,感谢解答。","contentHtml":"这个问题我也经常遇到,感谢解答。","contentText":"这个问题我也经常遇到,感谢解答。","status":"published","createdAt":"2026-03-22T06:57:30.067Z","updatedAt":"2026-03-22T06:57:30.067Z","author":{"id":"6","username":"admin","displayName":"admin1","avatarUrl":""},"replies":[]}],"_count":{"comments":5,"votes":0}}}