Solution | Xiyue

HTTP Host Header Attack Vulnerability: Cause Analysis and Practical Defense Solutions

The HTTP Host header routes requests but is risky if misused. Its vulnerability to attack can cause code injection or ca ...
Subresource Integrity (SRI) Implementation Gap: From Risk Analysis to Remediation

Modern web apps widely use CDNs for speed but risk tampered resources. SRI is key to preventing this, yet its absence is ...
Web Security Reinforcement: HSTS Implementation Guide and Best Practices

In the HTTPS era, some web apps still risk data leaks and MitM attacks by neglecting HSTS mechanisms.
Web Application Sensitive Directory Exposure: Risk Analysis and Multi-Layered Defense Solutions

In web security, sensitive directory exposure is a basic yet stealthy threat. It offers attackers critical clues—like a ...
Host Header Attacks: Root Causes and Multi-Layered Defense Solutions

In HTTP, the Host header directs requests to specific servers. Yet, this basic field harbors risks: attackers exploit th ...
Dual Shields of Web Security: Precision Protection Against Clickjacking and CSRF

In web security, clickjacking and CSRF are two common yet severe vulnerabilities. The former tricks users into unintende ...