Cookie 与 SameSite/Secure 存储安全实践

YBB 1 阅读 0 评论 0 点赞

核心属性SameSite：默认 `Lax`，跨站请求限制；必要时使用 `None; Secure`。Secure：仅在 HTTPS 传输；HttpOnly：禁止前端 JS 访问。实践要点作用域：`Domain`/`Path` 精确定义；短期敏感信息缩短过期时间。CSRF 防护：配合双重提交或 token 校验；避免跨站注入。结论合理使用属性与作用域，结合后端校验，显著提升存储安全性。

点赞(0) 打赏

本文分类：Recovered Channel 1891
本文标签：存储安全实践
浏览次数：1 次浏览
发布日期：2026-02-13 01:10:10
本文链接：https://www.ybb.press/recovered-1891/3664.html

评论列表共有 0 条评论

暂无评论

发表评论取消回复

立即
投稿

微信公众账号

微信扫一扫加关注

发表
评论返回
顶部

基本文件流程错误 SQL 调试

/www/wwwroot/yebinbing/public/index.php ( 0.88 KB )
/www/wwwroot/yebinbing/thinkphp/start.php ( 0.72 KB )
/www/wwwroot/yebinbing/thinkphp/base.php ( 2.60 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Loader.php ( 21.07 KB )
/www/wwwroot/yebinbing/vendor/composer/autoload_static.php ( 10.49 KB )
/www/wwwroot/yebinbing/vendor/symfony/deprecation-contracts/function.php ( 0.98 KB )
/www/wwwroot/yebinbing/vendor/symfony/polyfill-php80/bootstrap.php ( 1.50 KB )
/www/wwwroot/yebinbing/vendor/symfony/polyfill-mbstring/bootstrap.php ( 8.26 KB )
/www/wwwroot/yebinbing/vendor/ralouphie/getallheaders/src/getallheaders.php ( 1.60 KB )
/www/wwwroot/yebinbing/vendor/guzzlehttp/guzzle/src/functions_include.php ( 0.16 KB )
/www/wwwroot/yebinbing/vendor/guzzlehttp/guzzle/src/functions.php ( 5.54 KB )
/www/wwwroot/yebinbing/vendor/symfony/polyfill-php73/bootstrap.php ( 0.99 KB )
/www/wwwroot/yebinbing/vendor/ezyang/htmlpurifier/library/HTMLPurifier.composer.php ( 0.10 KB )
/www/wwwroot/yebinbing/vendor/topthink/think-helper/src/helper.php ( 2.88 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/common.php ( 15.67 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Route.php ( 60.23 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Config.php ( 6.38 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Hook.php ( 4.71 KB )
/www/wwwroot/yebinbing/vendor/overtrue/wechat/src/Kernel/Support/Helpers.php ( 2.54 KB )
/www/wwwroot/yebinbing/vendor/overtrue/wechat/src/Kernel/Helpers.php ( 1.89 KB )
/www/wwwroot/yebinbing/vendor/topthink/think-captcha/src/helper.php ( 1.94 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Validate.php ( 42.78 KB )
/www/wwwroot/yebinbing/vendor/topthink/think-queue/src/common.php ( 1.19 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Console.php ( 23.13 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Error.php ( 3.75 KB )
/www/wwwroot/yebinbing/thinkphp/convention.php ( 10.37 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/App.php ( 21.58 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Request.php ( 49.78 KB )
/www/wwwroot/yebinbing/application/config.php ( 11.96 KB )
/www/wwwroot/yebinbing/application/database.php ( 2.25 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Env.php ( 1.21 KB )
/www/wwwroot/yebinbing/application/extra/addons.php ( 1.20 KB )
/www/wwwroot/yebinbing/application/extra/apibbj.php ( 0.86 KB )
/www/wwwroot/yebinbing/application/extra/queue.php ( 0.55 KB )
/www/wwwroot/yebinbing/application/extra/site.php ( 0.89 KB )
/www/wwwroot/yebinbing/application/extra/upload.php ( 1.05 KB )
/www/wwwroot/yebinbing/application/tags.php ( 1.23 KB )
/www/wwwroot/yebinbing/application/common.php ( 15.57 KB )
/www/wwwroot/yebinbing/thinkphp/helper.php ( 17.30 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Debug.php ( 7.13 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Log.php ( 6.05 KB )
/www/wwwroot/yebinbing/addons/cms/Cms.php ( 6.48 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/Addons.php ( 7.64 KB )
/www/wwwroot/yebinbing/addons/signin/Signin.php ( 2.24 KB )
/www/wwwroot/yebinbing/addons/cropper/Cropper.php ( 0.65 KB )
/www/wwwroot/yebinbing/addons/nkeditor/Nkeditor.php ( 1.35 KB )
/www/wwwroot/yebinbing/addons/prism/Prism.php ( 2.04 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Cache.php ( 6.10 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/cache/driver/File.php ( 7.27 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/cache/Driver.php ( 5.98 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/View.php ( 6.77 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/view/driver/Think.php ( 5.64 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Template.php ( 44.92 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/template/driver/File.php ( 2.24 KB )
/www/wwwroot/yebinbing/addons/cms/config.php ( 28.18 KB )
/www/wwwroot/yebinbing/application/common/behavior/Common.php ( 3.02 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Lang.php ( 7.42 KB )
/www/wwwroot/yebinbing/thinkphp/lang/zh-cn.php ( 11.81 KB )
/www/wwwroot/yebinbing/application/route.php ( 1.08 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/addons/Route.php ( 3.35 KB )
/www/wwwroot/yebinbing/application/common/lang/zh-cn/addon.php ( 6.09 KB )
/www/wwwroot/yebinbing/extend/fast/Form.php ( 39.79 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/config/driver/Ini.php ( 0.83 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Url.php ( 12.72 KB )
/www/wwwroot/yebinbing/addons/cms/controller/Archives.php ( 5.85 KB )
/www/wwwroot/yebinbing/addons/cms/controller/Base.php ( 3.75 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/addons/Controller.php ( 7.08 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Controller.php ( 6.07 KB )
/www/wwwroot/yebinbing/thinkphp/library/traits/controller/Jump.php ( 4.92 KB )
/www/wwwroot/yebinbing/addons/cms/lang/zh-cn.php ( 5.58 KB )
/www/wwwroot/yebinbing/application/common/library/Auth.php ( 15.50 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Cookie.php ( 8.17 KB )
/www/wwwroot/yebinbing/application/common/model/Config.php ( 6.71 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Model.php ( 69.55 KB )
/www/wwwroot/yebinbing/addons/cms/library/Service.php ( 28.97 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Db.php ( 6.67 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/connector/Mysql.php ( 3.89 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Connection.php ( 29.97 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Query.php ( 93.80 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/builder/Mysql.php ( 4.53 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Builder.php ( 31.81 KB )
/www/wwwroot/yebinbing/addons/cms/model/Archives.php ( 22.89 KB )
/www/wwwroot/yebinbing/thinkphp/library/traits/model/SoftDelete.php ( 4.86 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/relation/BelongsTo.php ( 7.75 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/relation/OneToOne.php ( 10.03 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/Relation.php ( 3.61 KB )
/www/wwwroot/yebinbing/addons/cms/model/Channel.php ( 19.14 KB )
/www/wwwroot/yebinbing/addons/cms/model/Modelx.php ( 1.97 KB )
/www/wwwroot/yebinbing/addons/cms/model/Fields.php ( 3.46 KB )
/www/wwwroot/yebinbing/addons/cms/model/SpiderLog.php ( 1.75 KB )
/www/wwwroot/yebinbing/addons/cms/model/Tag.php ( 6.98 KB )
/www/wwwroot/yebinbing/addons/cms/model/Autolink.php ( 0.57 KB )
/www/wwwroot/yebinbing/application/common/model/User.php ( 4.22 KB )
/www/wwwroot/yebinbing/runtime/temp/388d6f0b5bff3196cdb77891cfa4196c.php ( 32.66 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Session.php ( 10.86 KB )
/www/wwwroot/yebinbing/extend/fast/Tree.php ( 15.55 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/Collection.php ( 2.27 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Collection.php ( 11.10 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Expression.php ( 1.11 KB )
/www/wwwroot/yebinbing/addons/cms/model/Comment.php ( 9.37 KB )
/www/wwwroot/yebinbing/addons/cms/library/Bootstrap.php ( 5.49 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Paginator.php ( 9.94 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Response.php ( 8.28 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/debug/Html.php ( 4.17 KB )

[ BEHAVIOR ] Run Closure @app_init [ RunTime:0.000095s ]
[ CACHE ] INIT File
[ BEHAVIOR ] Run \addons\cms\Cms @app_init [ RunTime:0.009134s ]
[ BEHAVIOR ] Run Closure @app_init [ RunTime:0.009263s ]
[ BEHAVIOR ] Run app\common\behavior\Common @app_init [ RunTime:0.001523s ]
[ LANG ] /www/wwwroot/yebinbing/thinkphp/lang/zh-cn.php
[ BEHAVIOR ] Run app\common\behavior\Common @app_dispatch [ RunTime:0.000117s ]
[ ROUTE ] array ( 'type' => 'method', 'method' => array ( 0 => '\\think\\addons\\Route', 1 => 'execute', ), 'var' => array ( 'addon' => 'cms', 'controller' => 'archives', 'action' => 'index', ), )
[ HEADER ] array ( 'cf-visitor' => '{"scheme":"https"}', 'cf-ipcountry' => 'US', 'cf-connecting-ip' => '216.73.216.35', 'cdn-loop' => 'cloudflare; loops=1', 'cf-ray' => '9cefc1d7babc97fe-CMH', 'accept-encoding' => 'gzip, br', 'cookie' => 'PHPSESSID=osse1606qlmjh77ma4t5g1shmb', 'accept' => '*/*', 'user-agent' => 'Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])', 'connection' => 'close', 'remote-host' => '104.23.243.9', 'x-forwarded-port' => '80', 'x-forwarded-host' => 'www.ybb.press', 'x-forwarded-proto' => 'http', 'x-forwarded-for' => '216.73.216.35, 104.23.243.9', 'x-real-port' => '12465', 'x-real-ip' => '104.23.243.9', 'host' => 'ybb.ybb.press', 'content-length' => '', 'content-type' => '', )
[ PARAM ] array ( 'catename' => 'recovered-1891', 'id' => '3664', )
[ RUN ] think\addons\Route->execute[ /www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/addons/Route.php ]
[ LANG ] /www/wwwroot/yebinbing/public/../application/common/lang/zh-cn/addon.php
[ BEHAVIOR ] Run app\common\behavior\Common @addon_begin [ RunTime:0.004739s ]
[ LANG ] /www/wwwroot/yebinbing/addons/cms/lang/zh-cn.php
[ DB ] INIT mysql
[ VIEW ] /www/wwwroot/yebinbing/addons/cms/view/default/show_news.html [ array ( 0 => 'config', 1 => 'user', 2 => 'site', 3 => '__CHANNEL__', 4 => 'isWechat', 5 => '__ARCHIVES__', 6 => '__MODEL__', ) ]
[ SESSION ] INIT array ( 'id' => '', 'var_session_id' => '', 'prefix' => 'think', 'type' => '', 'auto_start' => true, )
[ BEHAVIOR ] Run \addons\cms\Cms @view_filter [ RunTime:0.000420s ]

2.136907s

Cookie 与 SameSite/Secure 存储安全实践

Samsung 首款 PCIe 6.0 SSD 亮相

Fetch Metadata 请求头实践：防跨站请求伪造与滥用

Fetch Metadata 请求元数据安全治理：Sec-Fetch 头与跨站威胁缓解实践

Fetch Keepalive请求治理（大小/速率/终止）最佳实践

评论列表 共有 0 条评论

发表评论 取消回复

评论列表共有 0 条评论

发表评论取消回复