====== Web Security ======

  * https://www.owasp.org
  * [[https://www.owasp.org/index.php/OWASP_Testing_Project|OWASP Testing Project - OWASP]] [[http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202010%20Korean.pdf|Korean edition]]
  * https://github.com/OWASP/Top10/
  * [[https://cheatsheetseries.owasp.org/|OWASP Cheatsheets]]

===== CSRF =====

  * [[http://ko.wikipedia.org/wiki/%EC%82%AC%EC%9D%B4%ED%8A%B8_%EA%B0%84_%EC%9A%94%EC%B2%AD_%EC%9C%84%EC%A1%B0|CSRF]]
  * It is not possible to send a POST to another domain with JavaScript. However ''