{"id":735,"date":"2025-07-09T22:14:45","date_gmt":"2025-07-09T14:14:45","guid":{"rendered":"https:\/\/koishi.team\/?p=735"},"modified":"2025-07-10T09:10:41","modified_gmt":"2025-07-10T01:10:41","slug":"csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1","status":"publish","type":"post","link":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/","title":{"rendered":"CSRF\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1"},"content":{"rendered":"\n

CSRF (Cross-site request forgery\uff0c\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020)\u4e5f\u88ab\u79f0\u4e3aOne Click Attack\u6216\u8005Session Riding\uff0c\u901a\u5e38\u7f29\u5199\u4e3aCSRF\u6216\u8005XSRF\uff0c\u662f\u4e00\u79cd\u5bf9\u7f51\u7ad9\u7684\u6076\u610f\u5229\u7528\u3002\u5c3d\u7ba1\u542c\u8d77\u6765\u50cf\u8de8\u7ad9\u811a\u672c(XSS)\uff0c\u4f46\u5b83\u4e0eXSS\u975e\u5e38\u4e0d\u540c\uff0cXSS\u5229\u7528\u7ad9\u70b9\u5185\u7684\u4fe1\u4efb\u7528\u6237\uff0c\u800cCSRF\u5219\u901a\u8fc7\u4f2a\u88c5\u6210\u53d7\u4fe1\u4efb\u7528\u6237\u8bf7\u6c42\u53d7\u4fe1\u4efb\u7684\u7f51\u7ad9\u3002<\/p>\n\n\n\n

CSRF\u8fd0\u7528\u6700\u591a\u7684\u5730\u65b9\u5c31\u662f\u4e00\u4e9b\u9493\u9c7c\u7f51\u7ad9\uff0c\u76ee\u7684\u53ef\u4ee5\u662f\u4e3a\u4e86\u83b7\u53d6\u67d0\u7f51\u7ad9\u7684\u7ba1\u7406\u5458\u6743\u9650\u6216\u8005\u4e00\u4e9b\u5371\u9669\u8bf7\u6c42\uff08\u6bd4\u5982\u8bf4\u94f6\u884c\u5361\u8f6c\u8d26\uff09\uff0cburpsuite\u53ef\u4ee5\u5c06\u6293\u7684\u5305\u8fdb\u884c\u66f4\u6539\uff0c\u751f\u6210\u4e3aCSRF PoC\uff0c\u4f5c\u7528\u662f\u7528\u6237\u4e00\u8bbf\u95eehtml\u6216\u8005\u5176\u4ed6\u7f51\u5740(\u5982\u679c\u662fphp\u53ef\u4ee5\u91cd\u5b9a\u5411)\uff0c\u53d7\u5bb3\u8005\u5c31\u4f1a\u91cd\u590d\u53d1\u9001\u4e00\u4e2a\u8bf7\u6c42\u5305<\/p>\n\n\n\n

\"\"<\/div><\/figure>\n\n\n\n

\u62ff\u6211\u535a\u5ba2\u7684\u6ce8\u518c\u9875\u9762\u4e3a\u4f8b<\/p>\n\n\n\n

\"\"<\/div><\/figure>\n\n\n\n
\"\"<\/div><\/figure>\n\n\n\n

\uff08\u8d85\u786c\u6838\u6253\u7801\uff09<\/p>\n\n\n\n

\u751f\u6210\u7684CSRF\u5c31\u957f\u8fd9\u6837<\/p>\n\n\n\n

\"\"<\/div><\/figure>\n\n\n\n

\u5c06\u4ee3\u7801\u4fdd\u5b58\u5230html\u6253\u5f00\u5c31\u53ef\u4ee5\u6267\u884c<\/p>\n\n\n\n

\u53ef\u4ee5\u770b\u89c1\u7528\u6237\u7ec4\u6ca1\u6709\u53ebssss\u7684\u7528\u6237<\/p>\n\n\n\n

\"\"<\/div><\/figure>\n\n\n\n
\"\"<\/div><\/figure>\n\n\n\n

\u70b9\u51fb\u4e4b\u540e\u5c31\u6709\u4e86<\/p>\n\n\n\n

\"\"<\/div><\/figure>\n\n\n\n

\u56e0\u4e3a\u53d7\u5bb3\u8005\u6d4f\u89c8\u5668\u8bb0\u5f55\u4e86\u767b\u5f55\u7684\u8d26\u53f7\uff0c\u6709\u4e86\u8d26\u53f7\u7684cookie\uff0c\u6b64html\u5fc5\u987b\u7531\u53d7\u5bb3\u8005\u6267\u884c\u5e76\u4e14\u4f7f\u7528\u7684\u662f\u4e0e\u6ce8\u518c\u7f51\u7ad9\u76f8\u540c\u7684\u6d4f\u89c8\u5668\uff0c\u6240\u4ee5\u76f8\u5e94\u7684\u5e94\u7528\u573a\u666f\u4e3a\u5c06\u4fee\u6539\u540e\u7684html\u6587\u4ef6\u653e\u5230\u9493\u9c7c\u7f51\u7ad9\u76ee\u5f55\uff0c\u7528\u6237\u8bbf\u95ee\u540e\u4f1a\u81ea\u52a8\u6267\u884cSSRF,\u4e5f\u5c31\u662f\u81ea\u52a8\u521b\u5efa\u53d7\u5bb3\u8005\u7f51\u7ad9\u7684\u7ba1\u7406\u5458\u8d26\u6237\uff0c\u56e0\u4e3a\u5404\u4e2a\u5e73\u53f0\u7684\u53d1\u5305\u89c4\u5219\u4e0d\u540c\uff0c\u6709\u7684\u5e73\u53f0SSRF PoC\u53ef\u4ee5\u4e00\u76f4\u7528\uff0c\u6709\u7684\u4f1a\u5bf9\u6ce8\u518c\u4fe1\u606f\u8fdb\u884c\u52a0\u5bc6\uff0c\u8fd9\u91cc\u53ea\u8c08\u65e0\u9632\u62a4\u7684CSRF\u5229\u7528<\/p>\n\n\n\n

\u9632\u5fa1\u65b9\u6cd5<\/h1>\n\n\n\n

\u68c0\u67e5Referer\u5b57\u6bb5<\/h2>\n\n\n\n
\"\"<\/div><\/figure>\n\n\n\n

Referer \u662f HTTP \u534f\u8bae\u4e2d\u7684\u4e00\u4e2a\u8bf7\u6c42\u5934\u90e8\uff0c\u5b83\u8bb0\u5f55\u4e86\u8bf7\u6c42\u6765\u6e90\u7684\u4fe1\u606f\uff08URL \u5730\u5740\uff09\u3002\u5f53\u7528\u6237\u7684\u6d4f\u89c8\u5668\u8bbf\u95ee\u4e00\u4e2a\u9875\u9762\u65f6\uff0c\u8bf7\u6c42\u5934\u4f1a\u5305\u542b Referer \u5b57\u6bb5\uff0c\u544a\u8bc9\u670d\u52a1\u5668\u7528\u6237\u662f\u4ece\u54ea\u4e2a\u7f51\u9875\u8df3\u8f6c\u8fc7\u6765\u7684\u3002\u8fd9\u4e2a\u5b57\u6bb5\u5728\u8eab\u4efd\u9a8c\u8bc1\u3001\u9632\u76d7\u94fe\u7b49\u5e94\u7528\u573a\u666f\u4e2d\u975e\u5e38\u5173\u952e\u3002\u5982\u679c\u662f\u6b63\u5e38\u521b\u5efa\u7528\u6237\u90a3\u4e48Referer\u80af\u5b9a\u662f\u672c\u7ad9\uff0c\u5982\u679c\u662f\u9493\u9c7c\u7f51\u7ad9\u5219\u4e0d\u901a\u8fc7<\/p>\n\n\n\n

\u53ef\u4ee5\u901a\u8fc7\u540e\u7aef\u7684Referer\u6765\u5224\u65ad\u8be5\u6570\u636e\u5305<\/p>\n\n\n\n

Referer\u53ef\u4ee5\u5206\u4e3a\u5168\u90e8\u5bf9\u6bd4\u989d\u5339\u914d\u5bf9\u6bd4\uff0c\u5168\u90e8\u5bf9\u6bd4\u610f\u601d\u662fReferer\u5fc5\u987b\u662f\u8be5\u7f51\u7ad9\uff0c\u903b\u8f91\u4e0a\u6ca1\u6709\u6f0f\u6d1e\uff0c\u6761\u4ef6\u5bf9\u6bd4\u662f\u53ea\u6709\u68c0\u6d4b\u5230\u6709\u7f51\u7ad9\u8fd9\u4e2a\u5b57\u6bb5\u5c31\u53ef\u4ee5\u7ed5\u8fc7\uff0c\u53ef\u4ee5\u5c06\u6e90\u7f51\u7ad9\u4f5c\u4e3a\u9493\u9c7c\u7f51\u7ad9\u540e\u7684\u5047\u76ee\u5f55\u8fdb\u884c\u7ed5\u8fc7\u6bd4\u5982<\/p>\n\n\n\n

Referer: http:\/\/hack.com\/8.9.10.11\/1.html<\/p>\n\n\n\n

\u4e00\u822c\u60c5\u51b5\u4e0b\u6761\u4ef6\u5bf9\u6bd4\u4e5f\u65e0\u6cd5\u5229\u7528\uff0c\u56e0\u4e3a\u5982\u679c\u662f\u57df\u540d\u8bbf\u95ee\u7684\u5316\u76ee\u6807\u5fc5\u987b\u662fhttp:\/\/xxxx.com\/<\/p>\n\n\n\n

\/\/\u65e0\u6cd5\u4f5c\u4e3a\u76ee\u5f55\u6240\u4ee5\u68c0\u6d4b\u5931\u8d25<\/p>\n\n\n\n

\u5f53\u7136\u6709\u4e9b\u903b\u8f91\u9519\u8bef\uff0c\u5373\u4f7f\u4fee\u6539\u8bf7\u6c42\u5934\u4f7fReferer\u7559\u7a7a\u4e5f\u80fd\u6b63\u5e38\u7ed5\u8fc7<\/p>\n\n\n\n

\u68c0\u67e5Referer\u5b57\u6bb5\u5e76\u4e0d\u662f\u5b8c\u5168\u6709\u6548\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7XSS\u8de8\u7ad9\u548c\u4e0a\u4f20html\u6587\u4ef6\u4f7f\u5176Referer\u6765\u6e90\u6765\u81ea\u53d7\u5bb3\u8005\u7684\u7f51\u7ad9\uff0c\u76f4\u63a5\u65e0\u89c6\u68c0\u6d4b<\/p>\n\n\n\n

CsrfToken<\/h2>\n\n\n\n
\"\"<\/div><\/figure>\n\n\n\n

Token\u662f\u5f00\u53d1\u8005\u7684\u9632\u62a4\u624b\u6bb5\uff0c\u8fd8\u62ff\u521b\u5efa\u7528\u6237\u4e3a\u4f8b\uff0c\u521b\u5efa\u7528\u6237\u65f6POST\u5305\u91cc\u4e0d\u4ec5\u5305\u542b\u8fd9\u8d26\u53f7\u5bc6\u7801\u7b49\u4fe1\u606f\u8fd8\u5305\u542b\u4e00\u4e2aToken\uff0c\u5b83\u76f8\u5f53\u4e8e\u7ed9\u5f53\u524dPOST\u5305\u6253\u4e86\u4e00\u4e2a\u6807\u7b7e\uff0c\u8fd9\u4e2a\u6807\u7b7e\u76f8\u5f53\u4e8e\u4e00\u4e2a\u68c0\u6d4b\u673a\u5236\uff0c\u53ea\u6709Token\u53d1\u9001\u7684Token\u548c\u751f\u6210POST\u5305\u7684\u4e00\u6478\u4e00\u6837\u624d\u80fdCSRF\u68c0\u6d4b\u901a\u8fc7\u3002<\/p>\n\n\n\n

 \u5982:_wpnonce_create-user=9726b96c11  <\/code><\/pre>\n\n\n\n
\u4f46\u662fToken\u51e0\u4e4e\u662f\u65e0\u65f6\u65e0\u523b\u66f4\u65b0\u7684\uff0c\u5237\u65b0\u8868\u5355\uff0c\u95f4\u9694\u4e00\u5b9a\u65f6\u95f4\uff0c\u4e0d\u540c\u7528\u6237\/\u6d4f\u89c8\u5668\u8bbf\u95ee\u90fd\u4f1a\u5237\u65b0\u5f53\u524dToken\uff0c\u653b\u51fb\u8005\u53ea\u80fd\u5f97\u5230\u5f53\u524d\u7684Token\u4e5f\u5c31\u65e0\u6cd5\u901a\u8fc7\u9a8c\u8bc1\u3002\u73b0\u5728\u5927\u90e8\u5206\u7f51\u7ad9\u90fd\u5728\u7528\u8fd9\u79cd\u9a8c\u8bc1\u65b9\u5f0f\uff0c\u80fd\u5229\u7528\u8fd9\u79cd\u6f0f\u6d1e\u591a\u534a\u662f\u903b\u8f91\u5199\u7684\u4e0d\u4e25\u8c28<\/p>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
CSRF (Cross-site request forgery\uff0c\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020)\u4e5f\u88ab\u79f0\u4e3aOne Click A […]<\/p>\n","protected":false},"author":1,"featured_media":749,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-735","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-writings"],"yoast_head":"\nCSRF\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1 - \u5c0f\u77f3\u5934\u7684\u7eee\u5fc3\u697c<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CSRF\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1 - \u5c0f\u77f3\u5934\u7684\u7eee\u5fc3\u697c\" \/>\n<meta property=\"og:description\" content=\"CSRF (Cross-site request forgery\uff0c\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020)\u4e5f\u88ab\u79f0\u4e3aOne Click A […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1\/\" \/>\n<meta property=\"og:site_name\" content=\"\u5c0f\u77f3\u5934\u7684\u7eee\u5fc3\u697c\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-09T14:14:45+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-10T01:10:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/koishi.team\/wp-content\/uploads\/2025\/07\/\u3010\u54f2\u98ce\u58c1\u7eb8\u3011\u4e1c\u65b9-\u4e1c\u65b9project.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1900\" \/>\n\t<meta property=\"og:image:height\" content=\"1262\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Speeder\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/koishi.team\/wp-content\/uploads\/2025\/05\/77992108_p0-1-scaled.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"Speeder\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/\"},\"author\":{\"name\":\"Speeder\",\"@id\":\"https:\\\/\\\/koishi.team\\\/#\\\/schema\\\/person\\\/61a09d37ac9078d28245c5e1502a58c3\"},\"headline\":\"CSRF\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1\",\"datePublished\":\"2025-07-09T14:14:45+00:00\",\"dateModified\":\"2025-07-10T01:10:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/\"},\"wordCount\":66,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/koishi.team\\\/#\\\/schema\\\/person\\\/61a09d37ac9078d28245c5e1502a58c3\"},\"image\":{\"@id\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/koishi.team\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/\u3010\u54f2\u98ce\u58c1\u7eb8\u3011\u4e1c\u65b9-\u4e1c\u65b9project.jpg\",\"articleSection\":[\"\u6587\u7ae0\"],\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/\",\"url\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/\",\"name\":\"CSRF\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1 - \u5c0f\u77f3\u5934\u7684\u7eee\u5fc3\u697c\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/koishi.team\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/koishi.team\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/\u3010\u54f2\u98ce\u58c1\u7eb8\u3011\u4e1c\u65b9-\u4e1c\u65b9project.jpg\",\"datePublished\":\"2025-07-09T14:14:45+00:00\",\"dateModified\":\"2025-07-10T01:10:41+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/#primaryimage\",\"url\":\"https:\\\/\\\/koishi.team\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/\u3010\u54f2\u98ce\u58c1\u7eb8\u3011\u4e1c\u65b9-\u4e1c\u65b9project.jpg\",\"contentUrl\":\"https:\\\/\\\/koishi.team\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/\u3010\u54f2\u98ce\u58c1\u7eb8\u3011\u4e1c\u65b9-\u4e1c\u65b9project.jpg\",\"width\":1900,\"height\":1262},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/2025\\\/07\\\/09\\\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/koishi.team\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CSRF\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/koishi.team\\\/#website\",\"url\":\"https:\\\/\\\/koishi.team\\\/\",\"name\":\"\u5c0f\u77f3\u5934\u7684\u7eee\u5fc3\u697c\",\"description\":\"\u300cSubterranean Rose\u300d\",\"publisher\":{\"@id\":\"https:\\\/\\\/koishi.team\\\/#\\\/schema\\\/person\\\/61a09d37ac9078d28245c5e1502a58c3\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/koishi.team\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-Hans\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/koishi.team\\\/#\\\/schema\\\/person\\\/61a09d37ac9078d28245c5e1502a58c3\",\"name\":\"Speeder\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\\\/\\\/koishi.team\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/75732553_p0-150x150.jpg\",\"url\":\"https:\\\/\\\/koishi.team\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/75732553_p0-150x150.jpg\",\"contentUrl\":\"https:\\\/\\\/koishi.team\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/75732553_p0-150x150.jpg\",\"caption\":\"Speeder\"},\"logo\":{\"@id\":\"https:\\\/\\\/koishi.team\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/75732553_p0-150x150.jpg\"},\"sameAs\":[\"https:\\\/\\\/koishi.team\"],\"url\":\"https:\\\/\\\/koishi.team\\\/index.php\\\/author\\\/speeder\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CSRF\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1 - \u5c0f\u77f3\u5934\u7684\u7eee\u5fc3\u697c","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1\/","og_locale":"zh_CN","og_type":"article","og_title":"CSRF\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1 - \u5c0f\u77f3\u5934\u7684\u7eee\u5fc3\u697c","og_description":"CSRF (Cross-site request forgery\uff0c\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020)\u4e5f\u88ab\u79f0\u4e3aOne Click A […]","og_url":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1\/","og_site_name":"\u5c0f\u77f3\u5934\u7684\u7eee\u5fc3\u697c","article_published_time":"2025-07-09T14:14:45+00:00","article_modified_time":"2025-07-10T01:10:41+00:00","og_image":[{"width":1900,"height":1262,"url":"https:\/\/koishi.team\/wp-content\/uploads\/2025\/07\/\u3010\u54f2\u98ce\u58c1\u7eb8\u3011\u4e1c\u65b9-\u4e1c\u65b9project.jpg","type":"image\/jpeg"}],"author":"Speeder","twitter_card":"summary_large_image","twitter_image":"https:\/\/koishi.team\/wp-content\/uploads\/2025\/05\/77992108_p0-1-scaled.jpg","twitter_misc":{"\u4f5c\u8005":"Speeder"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/#article","isPartOf":{"@id":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/"},"author":{"name":"Speeder","@id":"https:\/\/koishi.team\/#\/schema\/person\/61a09d37ac9078d28245c5e1502a58c3"},"headline":"CSRF\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1","datePublished":"2025-07-09T14:14:45+00:00","dateModified":"2025-07-10T01:10:41+00:00","mainEntityOfPage":{"@id":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/"},"wordCount":66,"commentCount":0,"publisher":{"@id":"https:\/\/koishi.team\/#\/schema\/person\/61a09d37ac9078d28245c5e1502a58c3"},"image":{"@id":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/#primaryimage"},"thumbnailUrl":"https:\/\/koishi.team\/wp-content\/uploads\/2025\/07\/\u3010\u54f2\u98ce\u58c1\u7eb8\u3011\u4e1c\u65b9-\u4e1c\u65b9project.jpg","articleSection":["\u6587\u7ae0"],"inLanguage":"zh-Hans","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/","url":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/","name":"CSRF\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1 - \u5c0f\u77f3\u5934\u7684\u7eee\u5fc3\u697c","isPartOf":{"@id":"https:\/\/koishi.team\/#website"},"primaryImageOfPage":{"@id":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/#primaryimage"},"image":{"@id":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/#primaryimage"},"thumbnailUrl":"https:\/\/koishi.team\/wp-content\/uploads\/2025\/07\/\u3010\u54f2\u98ce\u58c1\u7eb8\u3011\u4e1c\u65b9-\u4e1c\u65b9project.jpg","datePublished":"2025-07-09T14:14:45+00:00","dateModified":"2025-07-10T01:10:41+00:00","breadcrumb":{"@id":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/"]}]},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/#primaryimage","url":"https:\/\/koishi.team\/wp-content\/uploads\/2025\/07\/\u3010\u54f2\u98ce\u58c1\u7eb8\u3011\u4e1c\u65b9-\u4e1c\u65b9project.jpg","contentUrl":"https:\/\/koishi.team\/wp-content\/uploads\/2025\/07\/\u3010\u54f2\u98ce\u58c1\u7eb8\u3011\u4e1c\u65b9-\u4e1c\u65b9project.jpg","width":1900,"height":1262},{"@type":"BreadcrumbList","@id":"https:\/\/koishi.team\/index.php\/2025\/07\/09\/csrf%e6%bc%8f%e6%b4%9e%e5%8e%9f%e7%90%86%e6%94%bb%e5%87%bb%e4%b8%8e%e9%98%b2%e5%be%a1\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/koishi.team\/"},{"@type":"ListItem","position":2,"name":"CSRF\u6f0f\u6d1e\u539f\u7406\u653b\u51fb\u4e0e\u9632\u5fa1"}]},{"@type":"WebSite","@id":"https:\/\/koishi.team\/#website","url":"https:\/\/koishi.team\/","name":"\u5c0f\u77f3\u5934\u7684\u7eee\u5fc3\u697c","description":"\u300cSubterranean Rose\u300d","publisher":{"@id":"https:\/\/koishi.team\/#\/schema\/person\/61a09d37ac9078d28245c5e1502a58c3"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/koishi.team\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-Hans"},{"@type":["Person","Organization"],"@id":"https:\/\/koishi.team\/#\/schema\/person\/61a09d37ac9078d28245c5e1502a58c3","name":"Speeder","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/koishi.team\/wp-content\/uploads\/2025\/05\/75732553_p0-150x150.jpg","url":"https:\/\/koishi.team\/wp-content\/uploads\/2025\/05\/75732553_p0-150x150.jpg","contentUrl":"https:\/\/koishi.team\/wp-content\/uploads\/2025\/05\/75732553_p0-150x150.jpg","caption":"Speeder"},"logo":{"@id":"https:\/\/koishi.team\/wp-content\/uploads\/2025\/05\/75732553_p0-150x150.jpg"},"sameAs":["https:\/\/koishi.team"],"url":"https:\/\/koishi.team\/index.php\/author\/speeder\/"}]}},"_links":{"self":[{"href":"https:\/\/koishi.team\/index.php\/wp-json\/wp\/v2\/posts\/735","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/koishi.team\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/koishi.team\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/koishi.team\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/koishi.team\/index.php\/wp-json\/wp\/v2\/comments?post=735"}],"version-history":[{"count":3,"href":"https:\/\/koishi.team\/index.php\/wp-json\/wp\/v2\/posts\/735\/revisions"}],"predecessor-version":[{"id":754,"href":"https:\/\/koishi.team\/index.php\/wp-json\/wp\/v2\/posts\/735\/revisions\/754"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/koishi.team\/index.php\/wp-json\/wp\/v2\/media\/749"}],"wp:attachment":[{"href":"https:\/\/koishi.team\/index.php\/wp-json\/wp\/v2\/media?parent=735"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/koishi.team\/index.php\/wp-json\/wp\/v2\/categories?post=735"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/koishi.team\/index.php\/wp-json\/wp\/v2\/tags?post=735"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}