摘要：

针对Web访问中的安全问题，提出一种阻止跨站脚本攻击和跨站式请求伪造的同源信用引用(SOCA)协议，以Web站点的信 用度为指标，防止从跨域名网站引入恶意资源，从而加强外部引用资源的交流约束。实验结果表明，SOCA协议具有安全性和兼容性。

关键词: 同源信用引用, 信用度, 跨域名网站

Abstract:

Aiming at the security problem of Web access, Same Origin Credited Approval(SOCA) agreement to defend cross-site scripting attacks and cross-stop-request forgery attacks is proposed. Basing on credit standing, it makes innovative use of the credit of the Web site to prevent the browser from including malicious resources of cross-domain sites and strengthens communication constraints. Experimental results show that the SOCA agreement is safe and compatible.

Key words: Same Origin Credited Approval(SOCA), credit standing;, cross-domain site

中图分类号: 

• TP309.2