[B! HTTP] GEROã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

GERO id:GERO

HTTPã«é–¢ã™ã‚‹GEROã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (3)

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

${{author_name}}$
{{author_name}}{{created}}
{{ #comment }}{{ comment }}{{ /comment }}
- {{ label }}

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

Geekãªãºãƒ¼ã˜ : ãƒ¡ã‚¿æƒ…å ±ã«ã‚ˆã‚‹XSS
å…ˆæ—¥ã€ãªã‹ãªã‹å¼·çƒˆãªXSSæ”»æ’ƒæ‰‹æ³•ãŒå…¬é–‹ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚ DNSã¸ã®å•ã„åˆã‚ã›çµæžœã«JavaScriptã‚’åŸ‹ã‚è¾¼ã‚“ã§ã—ã¾ãŠã†ã¨ã„ã†ã‚‚ã®ã§ã™ã€‚ SkullSecurity: Stuffing Javascript into DNS names DarkReading: Researcher Details New Class Of Cross-Site Scripting Attack nCircle: Meta-Information Cross Site Scripting (PDF) è‡ªå‹•ç”Ÿæˆã•ã‚Œã‚‹Webãƒšãƒ¼ã‚¸ä¸ã«ã€DNSã«ã‚ˆã‚‹åå‰è§£æ±ºçµæžœãŒã‚¨ã‚¹ã‚±ãƒ¼ãƒ—ã•ã‚Œãªã„çŠ¶æ…‹ã§å«ã¾ã‚Œã¦ã„ã‚‹ã¨ã€JavaScriptãŒå®Ÿè¡Œã•ã‚Œã¦ã—ã¾ã†ã¨ã„ã†ä»•æŽ›ã‘ã§ã™ã€‚ ã€Œhogehoge.example.comã€ãŒæœ¬æ¥ãªã‚‰ã°ã€Œ198.1.100.3ã€ã¨ã„ã†ã‚ˆã†ãªIPã‚¢ãƒ‰ãƒ¬ã‚¹ãŒçµæžœã¨ã—ã¦è¿”ã‚‹ã¨ã“ã‚ã‚’ã€DNSã«ç´°å·¥ã‚’è¡Œã£
GERO 2010/10/06
ãã®ç™ºæƒ³ã¯ãªã‹ã£ãŸã‚ï½— ã¿ã‚“ãªä¸Šã£é¢ã®éƒ¨åˆ†ã—ã‹è¦‹ã¦ãªã„ã‘ã©ã€ã“ã†ã„ã†ãƒ—ãƒãƒˆã‚³ãƒ«ã®ä½Žå±¤ã«ã¤ã„ã¦ã‚‚å‹‰å¼·ã—ãªã„ã¨ã„ã‘ãªã„ã‚ˆãã€‚

ã“ã‚Œã¯ã“ã‚ã„

HTTP

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£
ãƒªãƒ³ã‚¯
yohei-y:weblog: ã€ŽWebã‚’æ”¯ãˆã‚‹æŠ€è¡“ â”€â”€ HTTPã€URIã€HTMLã€ãã—ã¦RESTã€ã¨ã„ã†æœ¬ã‚’æ›¸ãã¾ã—ãŸ
ã“ã®ãƒ–ãƒã‚°ã€1å¹´è¿‘ãã”ç„¡æ²™æ±°ã—ã¦ã„ã¾ã—ãŸã€‚ãã®é–“ãªã«ã‚’ã‚„ã£ã¦ã„ãŸã‹ã¨ã„ã†ã¨ã€å®Ÿã¯ãšã£ã¨æœ¬ã‚’æ›¸ã„ã¦ã„ã¾ã—ãŸã€‚ã€ŽWebã‚’æ”¯ãˆã‚‹æŠ€è¡“ â”€â”€ HTTPã€URIã€HTMLã€ãã—ã¦RESTã€ã¨ã„ã†ãªã‚“ã¨ã‚‚æŒ‘æˆ¦çš„ãªé¡Œåã®æœ¬ã§ã™ã€‚æŠ€è¡“è©•è«–ç¤¾ã•ã‚“ã®WEB+DB PRESS Plusã‚·ãƒªãƒ¼ã‚ºã®11å†Šç›®ã§ã€æ¥æœˆç™ºå£²ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚ Webã‚’æ”¯ãˆã‚‹æŠ€è¡“ â”€â”€ HTTPã€URIã€HTMLã€ãã—ã¦RESTå±±æœ¬ é™½å¹³æŠ€è¡“è©•è«–ç¤¾ 2010-04-08 ã“ã®æœ¬ã¯ã€WEB+DB PRESSã§é€£è¼‰ã—ã¦ã„ãŸã€ŒRESTãƒ¬ã‚·ãƒ”ã€ã¨ã„ã†é€£è¼‰ãŒãƒ™ãƒ¼ã‚¹ã«ãªã£ã¦ã„ã¾ã™ã€‚å®Ÿã¯é€£è¼‰ãŒ1å¹´çµŒã£ãŸãã‚‰ã„ã‹ã‚‰ã€æŠ€è©•ã•ã‚“ã‹ã‚‰ã¯æ›¸ç±åŒ–ã®ã‚ªãƒ•ã‚¡ãƒ¼ã‚’ã‚‚ã‚‰ã£ã¦ã„ã¾ã—ãŸã€‚ãŸã ã€ãã®æ™‚ç‚¹ã§ã¯æ›¸ã„ãŸåˆ†é‡ã‚‚å°‘ãªã„ã—ã€ãã‚‚ãã‚‚è‡ªåˆ†ã«é›‘èªŒè¨˜äº‹ã¨ã¯æ¯”ã¹ç‰©ã«ãªã‚‰ãªã„ãã‚‰ã„åˆ†é‡ã®ã‚ã‚‹æœ¬ãŒæ›¸ã‘ã‚‹ã¨ã¯æ€ã£ã¦ã„ãªã‹ã£ãŸã®ã§ã€æ›¸ç±ã§ã¯ãªãé€£è¼‰ç¶™ç¶šã¨ã„ã†å½¢ã§ãƒˆãƒ¼ã‚¿ãƒ«2å¹´é–“é€£è¼‰ã‚’ã—ã¾ã—ãŸã€‚
GERO 2010/04/02
HTTP

REST

html

uri

æœ¬
ãƒªãƒ³ã‚¯
urllib2ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ« - ã²ããƒ¡ãƒ¢
Getãƒªã‚¯ã‚¨ã‚¹ãƒˆ >>> import urllib2 >>> r = urllib2.urlopen("http://www.yahoo.co.jp") Postãƒªã‚¯ã‚¨ã‚¹ãƒˆ >>> import urllib >>> query = {"name":name, "password":password} # é€ä¿¡ã™ã‚‹ãƒ‡ãƒ¼ã‚¿ >>> query = urllib.urlencode(query ) # URLã‚¨ãƒ³ã‚³ãƒ¼ãƒ‰ >>> r = urllib2.urlopen("http://www.hatena.ne.jp/login", query) ãƒ¬ã‚¹ãƒãƒ³ã‚¹ã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã®ãƒ¡ã‚½ãƒƒãƒ‰ >>> r = urllib2.urlopen("http://d.hatena.ne.jp/yumimue/edit") >>> r.code, r.msg # ãƒ¬ã‚¹ãƒãƒ³ã‚¹ã‚³ãƒ¼ãƒ‰ã¨ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ (200, 'OK')
GERO 2009/06/09
python

urllib2

http
ãƒªãƒ³ã‚¯
1

ãŠçŸ¥ã‚‰ã›

ã‚‚ã£ã¨èªã‚€

å…¬å¼Twitter

@hatebu
æœ€æ–°ã®äººæ°—ã‚¨ãƒ³ãƒˆãƒªãƒ¼ã®é…ä¿¡

ã‚ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

jæ¬¡ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

kå‰ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

lã‚ã¨ã§èªã‚€

eã‚³ãƒ¡ãƒ³ãƒˆä¸€è¦§ã‚’é–‹ã

oãƒšãƒ¼ã‚¸ã‚’é–‹ã

è¨å®šã‚’å¤‰æ›´ã—ã¾ã—ãŸx

ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

ã‚¿ã‚°

é–¢é€£ã‚¿ã‚°ã§çµžã‚Šè¾¼ã‚€ (9)

HTTPã«é–¢ã™ã‚‹GEROã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (3)

ãŠçŸ¥ã‚‰ã›

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2025å¹´4æœˆç¬¬3é€±ï¼‰

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2025å¹´4æœˆç¬¬2é€±ï¼‰

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2025å¹´4æœˆç¬¬1é€±ï¼‰

å…¬å¼Twitter

ã‚ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

å…¬å¼Twitter

ã¯ã¦ãªã®ã‚µãƒ¼ãƒ“ã‚¹

ã‚¿ã‚°

é–¢é€£ã‚¿ã‚°ã§çµžã‚Šè¾¼ã‚€ (9)

HTTPã«é–¢ã™ã‚‹GEROã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (3)

Geekãªãºãƒ¼ã˜ : ãƒ¡ã‚¿æƒ…å ±ã«ã‚ˆã‚‹XSS

yohei-y:weblog: ã€ŽWebã‚’æ”¯ãˆã‚‹æŠ€è¡“ â”€â”€ HTTPã€URIã€HTMLã€ãã—ã¦RESTã€ã¨ã„ã†æœ¬ã‚’æ›¸ãã¾ã—ãŸ

urllib2ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ« - ã²ããƒ¡ãƒ¢

ãŠçŸ¥ã‚‰ã›

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚­ãƒ³ã‚°ï¼ˆ2025å¹´4æœˆç¬¬3é€±ï¼‰

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚­ãƒ³ã‚°ï¼ˆ2025å¹´4æœˆç¬¬2é€±ï¼‰

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚­ãƒ³ã‚°ï¼ˆ2025å¹´4æœˆç¬¬1é€±ï¼‰

å…¬å¼Twitter

ã‚­ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

å…¬å¼Twitter

ã¯ã¦ãªã®ã‚µãƒ¼ãƒ“ã‚¹

é–¢é€£ã‚¿ã‚°ã§çµžã‚Šè¾¼ã‚€ (9)

HTTPã«é–¢ã™ã‚‹GEROã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (3)

Geekãªãºãƒ¼ã˜ : ãƒ¡ã‚¿æƒ…å ±ã«ã‚ˆã‚‹XSS

yohei-y:weblog: ã€ŽWebã‚’æ”¯ãˆã‚‹æŠ€è¡“ â”€â”€ HTTPã€URIã€HTMLã€ãã—ã¦RESTã€ã¨ã„ã†æœ¬ã‚’æ›¸ãã¾ã—ãŸ

urllib2ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ« - ã²ããƒ¡ãƒ¢

ãŠçŸ¥ã‚‰ã›

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2025å¹´4æœˆç¬¬3é€±ï¼‰

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2025å¹´4æœˆç¬¬2é€±ï¼‰

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2025å¹´4æœˆç¬¬1é€±ï¼‰

å…¬å¼Twitter

ã‚ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

å…¬å¼Twitter

ã¯ã¦ãªã®ã‚µãƒ¼ãƒ“ã‚¹