03 2023 档案
摘要:https://docs.scrapy.org/en/latest/intro/tutorial.html https://docs.scrapy.org/en/latest/topics/selectors.html https://docs.scrapy.org/en/latest/topics
阅读全文
摘要:本文的重点介绍python中的yield用法及这样的表达式: comp_list = [x * 2 for x in range(10)] -- List Comprehensions 和 (x ** 2 for x in range(10)) -- Generator Expressions 摘抄
阅读全文
摘要:我的mac浏览器是可以上github了,但是terminal怎么设置都不走代理(包括把整个无线网都设置为走代理,还是不通),curl https://github.com 不通,后来查了下,有人说terminal在mac设计的时候就是不走代理,不知道为什么apple这样设计。 在网上查了一下,以下两
阅读全文
摘要:from: https://owasp.org/www-community/attacks/Session_fixation Description Session Fixation is an attack that permits an attacker to hijack a valid us
阅读全文
摘要:在介绍xss的英文文章中常看到sink这个词语。查了下: A sink is a potentially dangerous JavaScript function that can caused undesirable effects if attacker controlled data is
阅读全文
摘要:Since Java Strings are based on char arrays and Java automatically checks array bounds, buffer overflows are only possible in unusual scenarios: If yo
阅读全文
摘要:来自CISSP OSG Antimalware Software The vast majority of these packages use a method known as signature-based detection to identify potential virus infec
阅读全文
摘要:How SAML Authentication Works? (goteleport.com) SAML Terminology Unfortunately before going any further we have to define some SAML-specific terminolo
阅读全文
摘要:state参数是oauth2中防止CSRF攻击的参数,用法是:service web先生成一个纯随机的state nonce,把state存到local browser中(cookie),然后加到url中,direct to 第三方站点认证,根据oauth协议,第三方站点会redirect back
阅读全文
