{"id":477493,"date":"2023-08-09T09:15:39","date_gmt":"2023-08-09T09:15:39","guid":{"rendered":""},"modified":"2023-09-05T11:14:50","modified_gmt":"2023-09-05T11:14:50","slug":"html-injection","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/jp\/wiki\/html-injection\/","title":{"rendered":"HTML Injection"},"content":{"rendered":"<p>In web security, HTML injection refers to a vulnerability that allows an attacker to insert malicious HTML code into a website and alter its presentation or functionality. This form of code injection can lead to various types of attacks, including phishing, session hijacking, and website defacement.<\/p>\n<h2>The Origins of HTML Injection and Its First Mention<\/h2>\n<p>The emergence of HTML injection is intrinsically tied to the evolution of the internet and web-based technologies. As dynamic websites appeared in the late 1990s and early 2000s and the web 
became more interactive, the risk of code injection vulnerabilities increased. HTML injection, as a term and a concept, began to gain recognition in the cybersecurity community during this era.<\/p>\n<p>HTML injection was first mentioned prominently in security research and white papers around the early 2000s, when web application security was still in its infancy. Since then, it has drawn significant attention because of its potential to disrupt web functionality and compromise user data.<\/p>\n<h2>Unfolding the Layers of HTML Injection<\/h2>\n<p>HTML injection exploits a vulnerability in which user input is incorporated directly into a web page without proper sanitization or validation. An attacker can manipulate this by introducing HTML code, JavaScript, or other web 
languages into the page, changing its structure or behavior.<\/p>\n<p>Malicious code can be introduced through various points, such as form fields, URL parameters, or even cookies. When this injected code is viewed by other users, it is executed in the context of their browser, which can lead to data theft or alteration of the web page's content.<\/p>\n<h2>The Internal Mechanism of HTML Injection<\/h2>\n<p>At the heart of HTML injection is the principle that user-supplied data is output directly into a web page. The following is a simplified sequence of events in an HTML injection attack.<\/p>\n<ol>\n<li>The attacker identifies a web 
page that incorporates user-supplied data directly into its HTML output.<\/li>\n<li>The attacker then crafts malicious HTML\/JavaScript code and enters it into the web page, often via form fields or URL parameters.<\/li>\n<li>The server incorporates this injected code into the web page's HTML.<\/li>\n<li>When another user visits the affected web page, the malicious code is executed in that user's browser, producing the intended effect of the attack.<\/li>\n<\/ol>\n<h2>Key Features of HTML Injection<\/h2>\n<p>The key features of HTML injection are as follows.<\/p>\n<ol>\n<li>Manipulation of web page content: HTML injection can change how a web page is presented or how it functions.<\/li>\n<li>Session hijacking: Injected code can be used to steal session 
cookies, leading to unauthorized access.<\/li>\n<li>Phishing: HTML injection can create fake login forms or pop-ups that trick users into revealing their credentials.<\/li>\n<li>Cross-Site Scripting (XSS): HTML injection forms the basis of XSS attacks, in which malicious scripts are injected into trusted websites.<\/li>\n<\/ol>\n<h2>Types of HTML Injection<\/h2>\n<p>HTML injection can be classified into two main types.<\/p>\n<table>\n<thead>\n<tr>\n<th>Type<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Stored HTML Injection<\/td>\n<td>The injected code is permanently stored on the target server. The attack is executed every time the page is loaded.<\/td>\n<\/tr>\n<tr>\n<td>Reflected HTML Injection<\/td>\n<td>The injected code is included as part of a URL 
request. The attack occurs only when the maliciously crafted URL is accessed.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Uses of HTML Injection: Problems and Solutions<\/h2>\n<p>HTML injection is used primarily for malicious purposes, exploiting vulnerabilities in web applications. Its impact ranges from website defacement to the theft of sensitive user data.<\/p>\n<p>Mitigation strategies against HTML injection usually include the following.<\/p>\n<ol>\n<li>Input validation: Check user-supplied data for any HTML or script tags.<\/li>\n<li>Output encoding: Convert user input into a safe format in which HTML tags are rendered harmless.<\/li>\n<li>Use of secure HTTP headers: Certain HTTP 
headers can be set to restrict how and where scripts can be executed.<\/li>\n<\/ol>\n<h2>Comparison with Similar Terms<\/h2>\n<table>\n<thead>\n<tr>\n<th>Term<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>HTML Injection<\/td>\n<td>Injects malicious HTML\/JavaScript code into a web page.<\/td>\n<\/tr>\n<tr>\n<td>SQL Injection<\/td>\n<td>Injects malicious SQL queries into an application's database query.<\/td>\n<\/tr>\n<tr>\n<td>Command Injection<\/td>\n<td>Injects malicious commands into a system command line.<\/td>\n<\/tr>\n<tr>\n<td>Cross-Site Scripting (XSS)<\/td>\n<td>A specific type of HTML injection in which malicious scripts are injected into trusted websites.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Future Perspectives and Technologies in HTML Injection<\/h2>\n<p>As web technologies evolve, so do HTML injection techniques. With the growing use of single-page 
applications and JavaScript frameworks, the attack surface may change, but the basic principles of HTML injection remain relevant.<\/p>\n<p>Future security technologies will likely focus on enhanced automatic detection of injection vulnerabilities, more robust data sanitization methods, and improved user education to prevent socially engineered injection attacks.<\/p>\n<h2>The Role of Proxy Servers in HTML Injection<\/h2>\n<p>Proxy servers serve as a line of defense against HTML injection. They can filter incoming requests to a website and scan for potentially harmful HTML or script 
tags. They can also provide users with an additional layer of anonymity, reducing the likelihood of targeted attacks.<\/p>\n<p>However, the use of proxy servers must be combined with other security measures. Proxy servers alone cannot protect a web application from every type of HTML injection attack.<\/p>\n<h2>Related Links<\/h2>\n<ol>\n<li><a href=\"https:\/\/owasp.org\/www-community\/attacks\/HTML_Injection\" target=\"_new\" rel=\"noopener nofollow\">OWASP HTML Injection<\/a><\/li>\n<li><a href=\"https:\/\/www.w3schools.com\/tags\/tag_base.asp\" target=\"_new\" rel=\"noopener nofollow\">W3Schools HTML Injection<\/a><\/li>\n<li><a href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTML\" target=\"_new\" rel=\"noopener nofollow\">Web Developer's Guide: Understanding HTML Injection<\/a><\/li>\n<li><a href=\"https:\/\/portswigger.net\/web-security\/cross-site-scripting\" target=\"_new\" rel=\"noopener nofollow\">HTML Injection and XSS<\/a><\/li>\n<li><a href=\"https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Cross_Site_Scripting_Prevention_Cheat_Sheet.html\" target=\"_new\" rel=\"noopener nofollow\">Preventing HTML 
Injection<\/a><\/li>\n<\/ol>","protected":false},"featured_media":477494,"menu_order":0,"template":"","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"footnotes":""},"class_list":["post-477493","wiki","type-wiki","status-publish","has-post-thumbnail","hentry"],"acf":{"faq_title":"Frequently Asked Questions about <mark>HTML Injection: An Exploration of Its Origins, Mechanics, and Significance<\/mark>","faq_items":[{"question":"What is HTML Injection?","answer":"<p>HTML Injection refers to a type of vulnerability that allows an attacker to inject malicious HTML code into a website, altering its presentation or functionality. This form of code injection can lead to various types of attacks, including phishing, session hijacking, and defacement of websites.<\/p>"},{"question":"When was HTML Injection first identified?","answer":"<p>HTML Injection started gaining recognition among the cybersecurity community in the late 1990s and early 2000s, when the web was becoming more interactive with the advent of dynamic websites.<\/p>"},{"question":"How does an HTML Injection attack work?","answer":"<p>An HTML Injection attack works by an attacker identifying a webpage that includes user-supplied data into its HTML output directly. The attacker injects malicious HTML\/JavaScript code into the webpage, often via form fields or URL parameters. The server then incorporates this code into the HTML of the webpage. 
When another user visits the webpage, the malicious code gets executed in their browser.<\/p>"},{"question":"What are some key features of HTML Injection?","answer":"<p>Key features of HTML Injection include manipulation of webpage content, session hijacking, phishing, and forming the basis for Cross-Site Scripting (XSS) attacks.<\/p>"},{"question":"What are the two main types of HTML Injection?","answer":"<p>The two main types of HTML Injection are Stored HTML Injection, where the injected code is permanently stored on the target server and executed whenever the page is loaded, and Reflected HTML Injection, where the injected code is included as part of a URL request and the attack occurs when the malicious URL is accessed.<\/p>"},{"question":"What are some ways to mitigate HTML Injection attacks?","answer":"<p>Mitigation strategies against HTML Injection usually involve input validation (checking user-supplied data for any HTML or script tags), output encoding (converting user input into a safe format), and the use of secure HTTP headers that restrict how and where scripts can be executed.<\/p>"},{"question":"How do HTML Injection and SQL Injection differ?","answer":"<p>While HTML Injection involves injecting malicious HTML\/JavaScript code into a webpage, SQL Injection involves injecting malicious SQL queries into an application database query.<\/p>"},{"question":"How can proxy servers help against HTML Injection?","answer":"<p>Proxy servers can serve as a line of defense against HTML Injection by filtering incoming requests to a website and scanning for potentially harmful HTML or script tags. They can also provide an additional layer of anonymity for users, reducing the likelihood of targeted attacks.<\/p>"},{"question":"What are some future perspectives in HTML Injection?","answer":"<p>As web technologies evolve, HTML Injection techniques are expected to advance too. 
Future security technologies will likely focus on enhanced automatic detection of injection vulnerabilities, more robust data sanitization methods, and improved user education to prevent socially engineered injection attacks.<\/p>"}]},"_links":{"self":[{"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/wiki\/477493","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/wiki"}],"about":[{"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/types\/wiki"}],"version-history":[{"count":0,"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/wiki\/477493\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/media\/477494"}],"wp:attachment":[{"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/media?parent=477493"}],"curies":[{"name":"\u3046\u30fc\u3093","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}