[B! ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¼] glat_designã®ãƒ

glat_design id:glat_design

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¼ã«é–¢ã™ã‚‹glat_designã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (6)

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

${{author_name}}$
{{author_name}}{{created}}
{{ #comment }}{{ comment }}{{ /comment }}
- {{ label }}

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

Web over HTTPS
Web over HTTPS DevFest Tokyo 2016 #devfest16 2016/10/0
glat_design 2016/10/10
ã‚ã‹ã‚Šã‚„ã™ã„èª¬æ˜Žã ã£ãŸ /

Webåˆ¶ä½œ

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¼

è§£èª¬

https

ã‚¹ãƒ©ã‚¤ãƒ‰
ãƒªãƒ³ã‚¯
ã‚¯ãƒã‚¹ã‚µã‚¤ãƒˆã‚¹ã‚¯ãƒªãƒ—ãƒ†ã‚£ãƒ³ã‚°å¯¾ç– ãƒ›ãƒ³ã‚ã®ã‚ãƒ›ãƒ³ - è‘‰ã£ã±æ—¥è¨˜
æœ¬ç¨¿ã¯CodeZineã«2015å¹´12æœˆ28æ—¥ã«æŽ²è¼‰ã•ã‚ŒãŸè¨˜äº‹ã®å†æŽ²ã¨ãªã‚Šã¾ã™ã€‚ ã‚¯ãƒã‚¹ã‚µã‚¤ãƒˆã‚¹ã‚¯ãƒªãƒ—ãƒ†ã‚£ãƒ³ã‚°(XSS)ã¯ã€å¤ãã‹ã‚‰å˜åœ¨ã—é–‹ç™ºè€…ã«ã‚‚ã£ã¨ã‚‚ã‚ˆãçŸ¥ã‚‰ã‚ŒãŸã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ä¸Šã®å•é¡Œã®ã²ã¨ã¤ã§ã‚ã‚ŠãªãŒã‚‰ã€OWASP Top 10ã§ã‚‚2010å¹´ã«å¼•ãç¶šã2013å¹´ã§ã‚‚3ä½ã¨ã€æœªã ã«æ ¹çµ¶ã§ãã¦ã„ãªã„è„†å¼±æ€§ã§ã™ã€‚ æœ¬è¨˜äº‹ã§ã¯ã€Webã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®é–‹ç™ºã«ãŠã„ã¦XSSã‚’æ ¹çµ¶ã™ã‚‹ãŸã‚ã«å¿…è¦ãªå¯¾ç–ã®åŸºæœ¬ã‚’æœ¬æ°—ã§ãŠä¼ãˆã—ã¾ã™ã€‚ ã¯ã˜ã‚ã« OWASPã§ã¯é–‹ç™ºè€…ã«å‘ã‘ãŸã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£å¯¾ç–ã®ãŸã‚ã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚„ãƒãƒ¼ãƒˆã‚·ãƒ¼ãƒˆã‚’å¤šæ•°ç”¨æ„ã—ã¦ãŠã‚Šã€XSSã¸ã®å¯¾ç–ã¨ã—ã¦ã‚‚ã€ŒXSS (Cross Site Scripting) Prevention Cheat Sheetã€ã¨ã„ã†ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆãŒç”¨æ„ã•ã‚Œã¦ã„ã¾ã™ã€‚ ãŸã ã—ã€ã“ã®XSS Prevention Cheat Sheetã¯ã‚·ãƒ³ãƒ—ãƒ«ãªãƒ«ãƒ¼ãƒ«ã‚’å®šã‚ãŸãƒãƒ¼ãƒˆã‚·ãƒ¼ãƒˆã§
glat_design 2016/01/07
å‚è€ƒã« /

Webåˆ¶ä½œ

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¼

è§£èª¬

PHP

XSS

ãƒ•ã‚©ãƒ¼ãƒ
ãƒªãƒ³ã‚¯
ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ»ã‚ãƒ£ãƒ³ãƒ—å…¨å›½å¤§ä¼š2015è³‡æ–™ã¾ã¨ã‚ - è‘‰ã£ã±æ—¥è¨˜
ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ»ã‚ãƒ£ãƒ³ãƒ—å…¨å›½å¤§ä¼š2015ã®è¬›ç¾©ã§ä½¿ç”¨ã•ã‚ŒãŸè³‡æ–™ã®ã¾ã¨ã‚ã€‚å…¬é–‹ã•ã‚Œã¦ã„ãªã„è¬›ç¾©ãŒå¤šã„ã®ã§ã€ã™ã¹ã¦ã®è¬›ç¾©è³‡æ–™ãŒã‚ã‚‹ã‚ã‘ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚éšæ™‚è¿½åŠ ã€‚ é«˜ãƒ¬ã‚¤ãƒ¤ãƒ¼ãƒˆãƒ©ãƒƒã‚¯ Webãƒ—ãƒ©ãƒƒãƒˆãƒ•ã‚©ãƒ¼ãƒ ã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ JavaScripté›£èªåŒ–èªçµŒ HTTP/2, QUICå…¥é–€ SSL/TLSã®åŸºç¤Žã¨æœ€æ–°å‹•å‘ ãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã«è¦‹ã‚‹ Web ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£å¯¾ç–(ã“ã‚Œã‹ã‚‰ã®Webã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£) ã“ã‚Œã‹ã‚‰ã®Webã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ ãƒ•ãƒãƒ³ãƒˆã‚¨ãƒ³ãƒ‰ç·¨ ã‚¯ãƒ©ã‚¦ãƒ‰ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£åŸºç¤Ž ãƒã‚°ãƒãƒ³ãƒ†ã‚£ãƒ³ã‚°å…¥é–€ è§£æžãƒˆãƒ©ãƒƒã‚¯ ä»®æƒ³åŒ–æŠ€è¡“ã‚’ç”¨ã„ãŸãƒžãƒ«ã‚¦ã‚§ã‚¢è§£æž è¬›ç¾©å†…å®¹ TOMOYO / AKARI / CaitSith ãƒãƒ³ã‚ºã‚ªãƒ³ï¼ˆã‚¢ã‚¯ã‚»ã‚¹è§£æžåˆç´šãƒ»ä¸ç´šï¼‰ ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ»ã‚ãƒ£ãƒ³ãƒ—å…¨å›½å¤§ä¼š2015ã§ã®ãƒžãƒ«ã‚¦ã‚¨ã‚¢åˆ†æžè¬›ç¾©(2015-09-10) ãƒãƒ¥ãƒ¼ã‚¿ãƒ¼ç™ºè¡¨ ã€Œè„†å¼±æ€§ã‚’ã¿ã¤ã‘ã‚‹ã€ã‹ã‚‰ã€Œè„†å¼±æ€§ã‚’ãªãã™ã€ã¸ ã‚«ãƒ¼ãƒãƒ«ç©ºé–“ã‹ã‚‰ã®ã‚»
glat_design 2015/08/16
æ°—ã«ãªã£ã¦ãŸï¼ˆé›£ã—ãã†ï¼‰ /

Webåˆ¶ä½œ

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¼

é–‹ç™º

ã‚¹ãƒ©ã‚¤ãƒ‰

ã¾ã¨ã‚
ãƒªãƒ³ã‚¯
äº”å³¶å¤•å¤ãŒã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã®ãƒ—ãƒ å¾³ä¸¸æµ©å…ˆç”Ÿã«ä¸€æ—¥å¯†ç€ï¼ä»Šã™ãä½¿ãˆã‚‹ãƒ†ã‚¯ãƒ‹ãƒƒã‚¯ã‚’ç›—ã‚“ã§ãã¾ã—ãŸ | NO MORE æƒ…å ±æ¼ãˆã„
ã“ã‚“ã«ã¡ã¯ã€äº”å³¶å¤•å¤ã§ã™ï¼ æ™®æ®µã¯ãƒ•ãƒªãƒ¼ãƒ©ãƒ³ã‚¹ã¨ã—ã¦ã‚¤ãƒ©ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¿ãƒ¼ã‚„ãƒ¢ãƒ‡ãƒ«ã®ãŠä»•äº‹ã‚’ã—ã¦ã„ã‚‹ç§ã§ã™ãŒã€ä»Šæ—¥ã¯NO MORE æƒ…å ±æ¼ãˆã„ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®ä¸€å“¡ã¨ã—ã¦ã€ä¸€æ—¥ã‚¤ãƒ³ã‚¿ãƒ“ãƒ¥ã‚¢ãƒ¼ã«æŒ‘æˆ¦ã—ã¾ã™ï¼ çªç„¶ã§ã™ãŒçš†ã•ã‚“ã¯ã€æ¯Žæ—¥ã®ç”Ÿæ´»ã®ä¸ã§ã€Œã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã€ã«ã¤ã„ã¦ã©ã‚Œãã‚‰ã„æ°—ã‚’ã¤ã‘ã¦ã„ã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã‹ï¼Ÿ ç§ã‚‚Twitterã‚„Facebookã‚’ã‚ˆãåˆ©ç”¨ã—ã¾ã™ã—ã€ãŠä»•äº‹ã‚‚ãƒ¡ãƒ¼ãƒ«ã§å—ã‘ã¦ã„ã¾ã™ã€‚PCã‚’ä½¿ã†æ©Ÿä¼šã‚‚å¤šã„ã®ã§æƒ…å ±ã®ç®¡ç†ã«ã¯æ°—ã‚’ã¤ã‘ãªãã‚ƒã¨æ€ã£ã¦ã„ã‚‹ã®ã§ã™ãŒã€ã€Œå…·ä½“çš„ã«ä½•ã‚’ã©ã†æ°—ã‚’ã¤ã‘ã‚Œã°ã„ã„ã®ã‹ã‚ã‹ã‚‰ãªã„ï¼ã€ã¨ã„ã†äººã¯ç§ã ã‘ã§ã¯ãªã„ã¯ãšã§ã™ã€‚ ã¨ã„ã†ã“ã¨ã§ä»Šå›žã¯ã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã®ãƒ—ãƒãƒ•ã‚§ãƒƒã‚·ãƒ§ãƒŠãƒ«ã¨å‘¼ã°ã‚Œã‚‹å¾³ä¸¸ æµ©ï¼ˆã¨ãã¾ã‚‹ ã²ã‚ã—ï¼‰å…ˆç”Ÿã«å¯†ç€å–æï¼ ãƒ—ãƒãŒã©ã‚“ãªã¨ã“ã‚ã«æ°—ã‚’ã¤ã‘ã¦ã„ã‚‹ã®ã‹ã€ç§ãŸã¡ã®ç”Ÿæ´»ã«ã‚‚æ´»ã‹ã›ãã†ãªãƒ†ã‚¯ãƒ‹ãƒƒã‚¯ã‚’ç›—ã‚“ã§ããŸã„ã¨æ€ã„ã¾ã™ï¼ å¾³ä¸¸ æµ©ï¼ˆã¨ãã¾ã‚‹ ã²ã‚ã—ï¼‰å…ˆç”Ÿ HA
glat_design 2015/07/23
ã‚ã£ã¡ã‚ƒã„ã„è¨˜äº‹ã ã£ãŸw ã‚·ãƒªãƒ¼ã‚ºåŒ–ã—ã¦ã»ã—ã„w /

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¼

ç”Ÿæ´»

ãƒã‚¿
ãƒªãƒ³ã‚¯
ã‚¤ãƒ³ãƒ•ãƒ©ã‚¨ãƒ³ã‚¸ãƒ‹ã‚¢ã˜ã‚ƒãªãã¦ã‚‚æŠ¼ã•ãˆã¦ãŠããŸã„SSHã®åŸºç¤ŽçŸ¥è˜ - Qiita
æœ€è¿‘ã¯ã‚¯ãƒ©ã‚¦ãƒ‰ä¸Šã®ã‚µãƒ¼ãƒãƒ¼ã‚’åˆ©ç”¨ã™ã‚‹äº‹ã‚‚å¤šããªã£ã¦ããŸã€‚ ã‚µãƒ¼ãƒãƒ¼ã®ç”¨æ„ã‚„ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯å‘¨ã‚Šã®è¨å®šã¯ã‚¤ãƒ³ãƒ•ãƒ©éƒ¨é–€ãŒã‚„ã£ã¦ãã‚Œã‚‹ã‘ã©ã€ã‚¢ãƒ—ãƒªã®ãƒ‡ãƒ—ãƒã‚¤ï¼è¨å®šã¯é–‹ç™ºè€…ãŒã™ã‚‹äº‹ãŒå¤šã„ã®ã§ã€é–‹ç™ºãƒ¡ã‚¤ãƒ³ã§ã‚„ã£ã¦ã‚‹ã‚¨ãƒ³ã‚¸ãƒ‹ã‚¢ã§ã‚‚æœ€ä½Žé™SSHã®çŸ¥è˜ã¯å¿…è¦ã«ãªã‚‹ã€‚ ã¾ãŸã€Vagrantç‰ã§ãƒãƒ¼ã‚«ãƒ«ç’°å¢ƒã«VMã‚’ä½œæˆã™ã‚‹äº‹ã‚‚ã‚ã‚‹ã®ã§ã€ãƒãƒ¼ã‚«ãƒ«ç’°å¢ƒå†…ã§SSHã‚’ä½¿ç”¨ã™ã‚‹ã‚±ãƒ¼ã‚¹ã‚‚å¢—ãˆã¦ããŸã€‚ ã¨ã„ã†ã‚ã‘ã§ã‚¤ãƒ³ãƒ•ãƒ©ã‚¨ãƒ³ã‚¸ãƒ‹ã‚¢ã˜ã‚ƒãªãã¦ã‚‚SSHã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã®çŸ¥è˜ã¯å¿…é ˆã«ãªã£ã¦ãã¦ã„ã‚‹ã®ã§ã€æ”¹ã‚ã¦SSHã®å†å¦ç¿’ã‚’ã—ã¦ã¿ã‚‹ã“ã¨ã«ã—ãŸã€‚ SSHã¨ã¯ æš—å·ã‚„èªè¨¼ã®æŠ€è¡“ã‚’åˆ©ç”¨ã—ã¦ã€å®‰å…¨ã«ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ³ãƒ”ãƒ¥ãƒ¼ã‚¿ã¨é€šä¿¡ã™ã‚‹ãŸã‚ã®ãƒ—ãƒãƒˆã‚³ãƒ«ã€‚ SSHã§ã¯ä»¥ä¸‹ã®ç‚¹ã§å¾“æ¥ã®Telnetã‚ˆã‚Šå®‰å…¨ãªé€šä¿¡ãŒè¡Œãˆã‚‹ã€‚1 ãƒ‘ã‚¹ãƒ¯ãƒ¼ãƒ‰ã‚„ãƒ‡ãƒ¼ã‚¿ã‚’æš—å·åŒ–ã—ã¦é€šä¿¡ã™ã‚‹ã€‚ ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒã‚µãƒ¼ãƒãƒ¼ã«æŽ¥ç¶šã™ã‚‹æ™‚ã«ã€æŽ¥ç¶šå…ˆãŒæ„å›³ã—ãªã„ã‚µãƒ¼ãƒãƒ¼ã«èª˜å°Žã•ã‚Œã¦ã„ãªã„ã‹åŽ³å¯†ã«
glat_design 2015/03/10
å‹‰å¼·ã—ã¾ã™â€¦ /

Webåˆ¶ä½œ

ã‚µãƒ¼ãƒãƒ¼

ssh

è§£èª¬

Qiita

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¼
ãƒªãƒ³ã‚¯
5åˆ†ã§ã‚ã‹ã‚‹æ£ã—ã„ Web ã‚µã‚¤ãƒˆå¸¸æ™‚ SSL åŒ–ã®ãŸã‚ã®åŸºç¤ŽçŸ¥è˜
Web ã‚µã‚¤ãƒˆã‚’å¸¸æ™‚ SSL åŒ–ã™ã‚‹å ´åˆã«ã€æœ€ä½Žé™çŸ¥ã£ã¦ãŠã‹ãªã‘ã‚Œã°ãªã‚‰ãªã„çŸ¥è˜ã‚„ã€æ³¨æ„ç‚¹ã€å®Ÿéš›ã®è¨å®šæ–¹æ³•ã¾ã§ã€ã²ã¨é€šã‚Šã¾ã¨ã‚ã¦ã¿ã¾ã—ãŸã€‚ãƒ¡ãƒªãƒƒãƒˆã‚„ãƒ‡ãƒ¡ãƒªãƒƒãƒˆã€è¨¼æ˜Žæ›¸ã®ç¨®åˆ¥ã‹ã‚‰ãƒªãƒ€ã‚¤ãƒ¬ã‚¯ãƒˆè¨å®šãªã©ã«ã¤ã„ã¦ã‚‚è§£èª¬ã—ã¦ã„ã¾ã™ã€‚ HTTPS ã‚’ãƒ©ãƒ³ã‚ãƒ³ã‚°ã‚·ã‚°ãƒŠãƒ«ã«ä½¿ç”¨ã—ã¾ã™ã¨ Google ãŒå…¬å¼ã«ç™ºè¡¨ã—ãŸã‚ãŸã‚Šã‹ã‚‰ã€Web ã‚µã‚¤ãƒˆã® SSL å¯¾å¿œã€ç‰¹ã« Google ãŒæŽ¨å¥¨ã—ã¦ã„ã‚‹ Web ã‚µã‚¤ãƒˆã‚’ã™ã¹ã¦ HTTPS ã§é…ä¿¡ã™ã‚‹ã€æ‰€è¬‚ ã€Œå¸¸æ™‚ SSL åŒ–ã€ ã«ã¤ã„ã¦ã®è©±ã‚’èžã„ãŸã‚Šã€å®Ÿéš›ã«ãŠå®¢æ§˜ã‹ã‚‰ç›¸è«‡ã•ã‚ŒãŸã‚Šã™ã‚‹ã‚±ãƒ¼ã‚¹ãŒå¢—ãˆã¦ãã¾ã—ãŸã€‚ ãã“ã§ã€ã„ã„æ©Ÿä¼šã ã—ãã®è¾ºã«é–¢ã™ã‚‹æƒ…å ±ã‚’ã¾ã¨ã‚ã¦ãŠã“ã†ã‹ãªï½ž ã¨æ€ã£ã¦æ›¸ã„ã¦ã¿ãŸã€æ’ä¾‹ã® ï¼ˆï¼Ÿï¼‰ 5åˆ†ã§ã‚ã‹ã‚‹ã‚·ãƒªãƒ¼ã‚ºã€‚æ›¸ãçµ‚ã‚ã£ã¦è¦‹ãŸã¨ã“ã‚çµ¶å¯¾ã« 5åˆ†ã˜ã‚ƒç„¡ç†ã£ã¦ã„ã†æ–‡ç« é‡ã«ãªã£ã¦ã¦ã©ã†ã—ã‚ˆã†ã‹ãªãã¨ã‚‚æ€ã£ãŸã‚“ã§ã™ãŒã€æ°—ã«ã›ãšå…¬é–‹ã—ã¦ã¿ã¾ã™ã€‚ å¸¸æ™‚ SSL
glat_design 2015/03/06
ã¾ãŸèªã¿è¿”ã—ã¦ã¿ã‚‹ /

Webåˆ¶ä½œ

SSL

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¼

è§£èª¬
ãƒªãƒ³ã‚¯
1