{"id":477158,"date":"2023-08-09T09:08:09","date_gmt":"2023-08-09T09:08:09","guid":{"rendered":""},"modified":"2023-09-05T11:14:08","modified_gmt":"2023-09-05T11:14:08","slug":"expression-language-injection","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/tr\/wiki\/expression-language-injection\/","title":{"rendered":"\u0130fade dili enjeksiyonu"},"content":{"rendered":"<h2>\u0130fade Dili Ekleme<\/h2>\n<p>Expression Language Injection, web uygulamalar\u0131nda olu\u015fan bir t\u00fcr g\u00fcvenlik a\u00e7\u0131\u011f\u0131d\u0131r. Sald\u0131rganlar\u0131n, uygulaman\u0131n ifade dili \u00e7er\u00e7evesine k\u00f6t\u00fc ama\u00e7l\u0131 ifadelerin eklenmesinden yararlanarak rastgele kod \u00e7al\u0131\u015ft\u0131rmas\u0131na veya hassas bilgilere eri\u015fmesine olanak tan\u0131r. Bu t\u00fcr sald\u0131r\u0131lar \u00f6zellikle OneProxy (oneproxy.pro) gibi proxy sunucu sa\u011flay\u0131c\u0131lar\u0131 i\u00e7in endi\u015fe vericidir \u00e7\u00fcnk\u00fc g\u00fcvenlik kontrollerini atlamak ve kaynaklara yetkisiz eri\u015fim sa\u011flamak i\u00e7in kullan\u0131labilir.<\/p>\n<h2>Tarih ve \u0130lk S\u00f6z<\/h2>\n<p>\u0130fade Dili Enjeksiyonu kavram\u0131, dinamik web uygulamalar\u0131n\u0131n ortaya \u00e7\u0131k\u0131\u015f\u0131 ve ifade dili \u00e7er\u00e7evelerinin tan\u0131t\u0131lmas\u0131yla ortaya \u00e7\u0131kt\u0131. Bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan ilk kez bahsedilmesi, web geli\u015ftiricilerinin dinamik i\u00e7erik \u00fcretimini geli\u015ftirmek i\u00e7in ifade dillerini uygulamalar\u0131na dahil etmeye ba\u015flad\u0131klar\u0131 2000&#039;li y\u0131llar\u0131n ortalar\u0131na kadar uzan\u0131yor.<\/p>\n<p>Web uygulamalar\u0131n\u0131n karma\u015f\u0131kl\u0131\u011f\u0131 artt\u0131k\u00e7a geli\u015ftiriciler, verileri i\u015flemek ve web sayfalar\u0131nda dinamik olarak i\u00e7erik olu\u015fturmak i\u00e7in JavaServer Pages (JSP), \u0130fade Dili (EL) ve Birle\u015fik \u0130fade Dili (UEL) gibi ifade dillerini kullanmaya ba\u015flad\u0131. Ancak bu yeni ke\u015ffedilen g\u00fc\u00e7 ayn\u0131 zamanda potansiyel g\u00fcvenlik risklerini de beraberinde getirdi.<\/p>\n<h2>\u0130fade Dili Eklemeyi Anlamak<\/h2>\n<p>\u0130fade Dili Enjeksiyonu, bir sald\u0131rgan\u0131n, bir web uygulamas\u0131n\u0131n giri\u015f alanlar\u0131na veya sonunda uygulaman\u0131n ifade dili \u00e7er\u00e7evesi taraf\u0131ndan de\u011ferlendirilecek parametrelerine k\u00f6t\u00fc ama\u00e7l\u0131 kod veya ifadeler eklemenin bir yolunu bulmas\u0131 durumunda ger\u00e7ekle\u015fir. Bu, uygulaman\u0131n ba\u011flam\u0131nda kod y\u00fcr\u00fctmelerine olanak tan\u0131r ve bu da yetkisiz veri eri\u015fimi, ayr\u0131cal\u0131k y\u00fckseltme ve hatta uzaktan kod y\u00fcr\u00fctme gibi \u00e7e\u015fitli sonu\u00e7lara yol a\u00e7ar.<\/p>\n<h2>\u0130\u00e7 Yap\u0131 ve \u0130\u015fleyi\u015f<\/h2>\n<p>\u0130fade Dili Enjeksiyonunun \u00e7al\u0131\u015fma prensibi a\u015fa\u011f\u0131daki bile\u015fenler etraf\u0131nda d\u00f6ner:<\/p>\n<ol>\n<li>\n<p><strong>\u0130fade Dilleri<\/strong>: JSP EL ve UEL gibi ifade dilleri, web uygulamalar\u0131ndaki dinamik ifadeleri de\u011ferlendirmek i\u00e7in tasarlanm\u0131\u015ft\u0131r. \u00c7e\u015fitli kapsamlarda depolanan nesnelere ve verilere eri\u015fmenin ve bunlar\u0131 de\u011fi\u015ftirmenin bir yolunu sa\u011flarlar.<\/p>\n<\/li>\n<li>\n<p><strong>Kullan\u0131c\u0131 Giri\u015fi<\/strong>: Sald\u0131rganlar, formlar, \u00e7erezler veya HTTP ba\u015fl\u0131klar\u0131 gibi kullan\u0131c\u0131 taraf\u0131ndan kontrol edilebilen giri\u015f alanlar\u0131 arac\u0131l\u0131\u011f\u0131yla k\u00f6t\u00fc ama\u00e7l\u0131 ifadeler enjekte eder.<\/p>\n<\/li>\n<li>\n<p><strong>\u0130fade De\u011ferlendirmesi<\/strong>: Uygulaman\u0131n ifade dili \u00e7er\u00e7evesi giri\u015fi i\u015fler ve enjekte edilen ifadeleri de\u011ferlendirir.<\/p>\n<\/li>\n<li>\n<p><strong>Kod Y\u00fcr\u00fctme<\/strong>: Giri\u015f uygun \u015fekilde temizlenmezse ve do\u011frulanmazsa, k\u00f6t\u00fc ama\u00e7l\u0131 ifadeler uygulaman\u0131n ba\u011flam\u0131 i\u00e7inde y\u00fcr\u00fct\u00fcl\u00fcr ve bu da yetkisiz eylemlere yol a\u00e7ar.<\/p>\n<\/li>\n<\/ol>\n<h2>\u0130fade Dili Yerle\u015ftirmenin Temel \u00d6zellikleri<\/h2>\n<p>\u0130fade Dili Ekleme, a\u015fa\u011f\u0131dakiler de dahil olmak \u00fczere bir\u00e7ok \u00f6nemli \u00f6zelli\u011fe sahiptir:<\/p>\n<ul>\n<li>\n<p><strong>Ba\u011flam Tabanl\u0131<\/strong>: Etkinin ciddiyeti enjeksiyonun ger\u00e7ekle\u015fti\u011fi ba\u011flama ba\u011fl\u0131d\u0131r. Baz\u0131 ba\u011flamlar s\u0131n\u0131rl\u0131 ayr\u0131cal\u0131klara sahip olabilirken di\u011ferleri hassas verilere ve sistem kaynaklar\u0131na tam eri\u015fim sa\u011flayabilir.<\/p>\n<\/li>\n<li>\n<p><strong>Veriye Maruz Kalma<\/strong>: Sald\u0131rganlar, veritabanlar\u0131, oturum bilgileri ve arka u\u00e7 sistemleri de dahil olmak \u00fczere uygulama i\u00e7indeki verilere eri\u015febilir ve bunlar\u0131 y\u00f6netebilir.<\/p>\n<\/li>\n<li>\n<p><strong>Kod Y\u00fcr\u00fctme<\/strong>: Rastgele kod y\u00fcr\u00fctme yetene\u011fi, sald\u0131rganlar\u0131n uygulaman\u0131n, hatta t\u00fcm ana bilgisayar sisteminin kontrol\u00fcn\u00fc ele ge\u00e7irmesine olanak tan\u0131r.<\/p>\n<\/li>\n<li>\n<p><strong>Zincirleme S\u00f6m\u00fcr\u00fc<\/strong>: \u0130fade Dili Ekleme, ayr\u0131cal\u0131klar\u0131 y\u00fckseltmek ve daha \u00f6nemli etkiler elde etmek i\u00e7in di\u011fer g\u00fcvenlik a\u00e7\u0131klar\u0131yla birle\u015ftirilebilir.<\/p>\n<\/li>\n<\/ul>\n<h2>\u0130fade Dil Enjeksiyonu T\u00fcrleri<\/h2>\n<p>\u0130fade Dili Ekleme, temeldeki ifade diline ve enjeksiyonun ba\u011flam\u0131na ba\u011fl\u0131 olarak farkl\u0131 t\u00fcrlere ayr\u0131labilir. Yayg\u0131n t\u00fcrler \u015funlar\u0131 i\u00e7erir:<\/p>\n<table>\n<thead>\n<tr>\n<th>Tip<\/th>\n<th>Tan\u0131m<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>JSP \u0130fade Dili (EL) Enjeksiyonu<\/td>\n<td>Sald\u0131rganlar\u0131n JSP EL etiketlerine veya niteliklerine k\u00f6t\u00fc ama\u00e7l\u0131 ifadeler yerle\u015ftirdi\u011fi JavaServer Pages (JSP) uygulamalar\u0131nda meydana gelir.<\/td>\n<\/tr>\n<tr>\n<td>Birle\u015fik \u0130fade Dili (UEL) Ekleme<\/td>\n<td>JSP EL&#039;in bir \u00fcst k\u00fcmesi olan Birle\u015fik \u0130fade Dili (UEL) kullanan uygulamalarda bulunur. Sald\u0131rganlar, zararl\u0131 ifadeler eklemek i\u00e7in giri\u015f do\u011frulama kusurlar\u0131ndan yararlan\u0131r.<\/td>\n<\/tr>\n<tr>\n<td>\u015eablon Motor Enjeksiyonu<\/td>\n<td>Sald\u0131rganlar\u0131n istenmeyen kodu y\u00fcr\u00fctmek i\u00e7in \u015fablonlu ifadeleri de\u011fi\u015ftirdi\u011fi \u015fablon motorlar\u0131yla ilgilidir. Bu t\u00fcr EL gibi ifade dilleriyle s\u0131n\u0131rl\u0131 olmay\u0131p Thymeleaf, Freemarker vb. di\u011fer \u015fablon sistemlerini de etkiler.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Kullan\u0131m, Sorunlar ve \u00c7\u00f6z\u00fcmler<\/h2>\n<p>\u0130fade Dili Ekleme&#039;nin kullan\u0131labilece\u011fi yollar \u00e7e\u015fitlidir:<\/p>\n<ol>\n<li>\n<p><strong>Veri Alma<\/strong>: Sald\u0131rganlar, kullan\u0131c\u0131 kimlik bilgileri, ki\u015fisel veriler veya sistem yap\u0131land\u0131rmas\u0131 gibi hassas bilgilere eri\u015fmek i\u00e7in EL Enjeksiyonunu kullanabilir.<\/p>\n<\/li>\n<li>\n<p><strong>Komut Y\u00fcr\u00fctme<\/strong>: Sald\u0131rganlar, k\u00f6t\u00fc ama\u00e7l\u0131 ifadeler enjekte ederek sistem komutlar\u0131n\u0131 y\u00fcr\u00fctebilir ve bu da potansiyel olarak uzaktan kod y\u00fcr\u00fct\u00fclmesine yol a\u00e7abilir.<\/p>\n<\/li>\n<li>\n<p><strong>G\u00fcvenlik Atlamas\u0131<\/strong>: \u0130fade Dili Ekleme, eri\u015fim kontrollerini, kimlik do\u011frulama mekanizmalar\u0131n\u0131 ve di\u011fer g\u00fcvenlik \u00f6nlemlerini atlamak i\u00e7in kullan\u0131labilir.<\/p>\n<\/li>\n<\/ol>\n<p>\u0130fade Dili Eklemeyi azaltmak i\u00e7in geli\u015ftiriciler ve proxy sunucu sa\u011flay\u0131c\u0131lar\u0131 a\u015fa\u011f\u0131daki \u00e7\u00f6z\u00fcmleri dikkate almal\u0131d\u0131r:<\/p>\n<ul>\n<li>\n<p><strong>Giri\u015f Do\u011frulamas\u0131<\/strong>: K\u00f6t\u00fc ama\u00e7l\u0131 ifadelerin eklenmesini \u00f6nlemek i\u00e7in t\u00fcm kullan\u0131c\u0131 giri\u015flerini do\u011frulay\u0131n ve temizleyin.<\/p>\n<\/li>\n<li>\n<p><strong>Ba\u011flama \u00d6zel Ka\u00e7\u0131\u015f<\/strong>: Kullan\u0131ld\u0131\u011f\u0131 ba\u011flama ba\u011fl\u0131 olarak verileri uygun \u015fekilde ka\u00e7\u0131\u015flay\u0131n ve kodlay\u0131n.<\/p>\n<\/li>\n<li>\n<p><strong>En Az Ayr\u0131cal\u0131k \u0130lkesi<\/strong>: Hassas kaynaklara eri\u015fimi s\u0131n\u0131rlamak i\u00e7in en az ayr\u0131cal\u0131k ilkesini uygulay\u0131n.<\/p>\n<\/li>\n<li>\n<p><strong>G\u00fcvenlik Denetimleri<\/strong>: D\u00fczenli g\u00fcvenlik denetimleri ve kod incelemeleri, potansiyel g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n belirlenmesine ve giderilmesine yard\u0131mc\u0131 olabilir.<\/p>\n<\/li>\n<\/ul>\n<h2>Benzer Terimlerle Kar\u015f\u0131la\u015ft\u0131rmalar<\/h2>\n<p>\u0130fade Dili Yerle\u015ftirme&#039;nin benzer terimlerle kar\u015f\u0131la\u015ft\u0131rmas\u0131n\u0131 burada bulabilirsiniz:<\/p>\n<table>\n<thead>\n<tr>\n<th>Terim<\/th>\n<th>Tan\u0131m<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>SQL Enjeksiyonu<\/td>\n<td>K\u00f6t\u00fc ama\u00e7l\u0131 SQL sorgular\u0131 enjekte ederek uygulaman\u0131n veritaban\u0131n\u0131 hedefler.<\/td>\n<\/tr>\n<tr>\n<td>Siteler Aras\u0131 Komut Dosyas\u0131 \u00c7al\u0131\u015ft\u0131rma (XSS)<\/td>\n<td>Di\u011fer kullan\u0131c\u0131lar taraf\u0131ndan g\u00f6r\u00fcnt\u00fclenen web sayfalar\u0131na k\u00f6t\u00fc ama\u00e7l\u0131 komut dosyalar\u0131 enjekte eder.<\/td>\n<\/tr>\n<tr>\n<td>Komut Enjeksiyonu<\/td>\n<td>Ana bilgisayara k\u00f6t\u00fc ama\u00e7l\u0131 sistem komutlar\u0131n\u0131n enjekte edilmesini ve y\u00fcr\u00fct\u00fclmesini i\u00e7erir.<\/td>\n<\/tr>\n<tr>\n<td>Sunucu Taraf\u0131 \u0130stek Sahtecili\u011fi (SSRF)<\/td>\n<td>Dahili kaynaklara veya di\u011fer sunuculara istekte bulunmak i\u00e7in sunucuyu kullan\u0131r.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Gelecek Perspektifleri ve Teknolojiler<\/h2>\n<p>Teknoloji ortam\u0131 geli\u015ftik\u00e7e siber sald\u0131rganlar\u0131n taktikleri de geli\u015fiyor. \u0130fade Dili Ekleme&#039;nin gelece\u011fi, web uygulama \u00e7er\u00e7eveleri, dilleri ve g\u00fcvenlik \u00f6nlemlerindeki geli\u015fmelere yak\u0131ndan ba\u011fl\u0131d\u0131r. Geli\u015ftiricilerin ve proxy sunucusu sa\u011flay\u0131c\u0131lar\u0131n\u0131n dikkatli olmalar\u0131 ve geli\u015fen sald\u0131r\u0131lara kar\u015f\u0131 savunma yapmak i\u00e7in yeni teknolojileri ve en iyi uygulamalar\u0131 benimsemeleri gerekecek.<\/p>\n<h2>Proxy Sunucular\u0131 ve \u0130fade Dili Ekleme<\/h2>\n<p>OneProxy gibi proxy sunucular, \u0130fade Dili Ekleme ile ili\u015fkili risklerin azalt\u0131lmas\u0131nda hayati bir rol oynayabilir. Proxy sunucular\u0131, istek filtreleme, giri\u015f do\u011frulama ve trafik izleme gibi \u00e7e\u015fitli g\u00fcvenlik mekanizmalar\u0131n\u0131 uygulayarak kullan\u0131c\u0131lar ve web uygulamalar\u0131 aras\u0131nda bir engel g\u00f6revi g\u00f6rebilir. Gelen istekleri uygulama sunucusuna iletmeden \u00f6nce inceleyebilir ve temizleyebilirler, b\u00f6ylece \u0130fade Dili Ekleme sald\u0131r\u0131lar\u0131n\u0131n olas\u0131l\u0131\u011f\u0131n\u0131 azalt\u0131rlar.<\/p>\n<h2>\u0130lgili Ba\u011flant\u0131lar<\/h2>\n<p>\u0130fade Dili Ekleme ve web uygulamas\u0131 g\u00fcvenli\u011fi hakk\u0131nda daha fazla bilgi i\u00e7in l\u00fctfen a\u015fa\u011f\u0131daki kaynaklara bak\u0131n:<\/p>\n<ol>\n<li>OWASP \u0130fade Dili Ekleme: <a href=\"https:\/\/owasp.org\/www-community\/attacks\/Expression_Language_Injection\" target=\"_new\" rel=\"noopener nofollow\">https:\/\/owasp.org\/www-community\/attacks\/Expression_Language_Injection<\/a><\/li>\n<li>SANS Enstit\u00fcs\u00fc \u2013 Yayg\u0131n Web Uygulamas\u0131 G\u00fcvenlik A\u00e7\u0131klar\u0131: <a href=\"https:\/\/www.sans.org\/blog\/top-5-web-application-vulnerabilities\/\" target=\"_new\" rel=\"noopener nofollow\">https:\/\/www.sans.org\/blog\/top-5-web-application-vulnerabilities\/<\/a><\/li>\n<li>Oracle JavaServer Sayfalar\u0131 Belirtimi: <a href=\"https:\/\/docs.oracle.com\/javaee\/5\/tutorial\/doc\/bnaph.html\" target=\"_new\" rel=\"noopener nofollow\">https:\/\/docs.oracle.com\/javaee\/5\/tutorial\/doc\/bnaph.html<\/a><\/li>\n<li>Birle\u015fik \u0130fade Diline (UEL) Giri\u015f: <a href=\"https:\/\/www.oracle.com\/technical-resources\/articles\/java\/introduction-unified-expression-language.html\" target=\"_new\" rel=\"noopener nofollow\">https:\/\/www.oracle.com\/technical-resources\/articles\/java\/introduction-unified-expression-language.html<\/a><\/li>\n<\/ol>\n<p>Geli\u015ftiriciler ve proxy sunucu sa\u011flay\u0131c\u0131lar\u0131, en iyi uygulamalar\u0131 takip ederek ve kendilerini yeni ortaya \u00e7\u0131kan tehditler konusunda s\u00fcrekli e\u011fiterek, web uygulamalar\u0131n\u0131 ve kullan\u0131c\u0131lar\u0131n\u0131 \u0130fade Dili Ekleme tehlikelerinden korumaya yard\u0131mc\u0131 olabilirler.<\/p>","protected":false},"featured_media":477159,"menu_order":0,"template":"","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"footnotes":""},"class_list":["post-477158","wiki","type-wiki","status-publish","has-post-thumbnail","hentry"],"acf":{"faq_title":"Frequently Asked Questions about <mark>Expression Language Injection: An Overview<\/mark>","faq_items":[{"question":"What is Expression Language Injection?","answer":"<p>Expression Language Injection is a type of security vulnerability found in web applications. It allows attackers to insert malicious code or expressions into the application's expression language framework, potentially leading to unauthorized access, data manipulation, or even remote code execution.<\/p>"},{"question":"How did Expression Language Injection originate?","answer":"<p>Expression Language Injection emerged with the rise of dynamic web applications and the adoption of expression languages like JSP EL and UEL. Its earliest mentions date back to the mid-2000s, when web developers started using these languages to enhance dynamic content generation.<\/p>"},{"question":"How does Expression Language Injection work?","answer":"<p>Attackers inject malicious expressions into input fields or parameters within the web application. The application's expression language framework processes these inputs and evaluates the injected expressions. If not properly validated, the malicious code executes within the application's context, granting unauthorized access or control.<\/p>"},{"question":"What are the key features of Expression Language Injection?","answer":"<p>Expression Language Injection's key features include its context-based impact, potential data exposure, code execution capabilities, and the possibility of combining it with other vulnerabilities for more significant impacts.<\/p>"},{"question":"What types of Expression Language Injection exist?","answer":"<p>There are several types of Expression Language Injection, such as JSP Expression Language (EL) Injection, Unified Expression Language (UEL) Injection, and Template Engine Injection.<\/p>"},{"question":"How can Expression Language Injection be used, and how can it be mitigated?","answer":"<p>Attackers can use Expression Language Injection for data retrieval, command execution, and security bypass. To mitigate this vulnerability, developers and proxy server providers should implement input validation, context-specific escaping, and adhere to the principle of least privilege.<\/p>"},{"question":"How does Expression Language Injection compare to similar terms like SQL Injection and Cross-Site Scripting (XSS)?","answer":"<p>Expression Language Injection differs from SQL Injection, XSS, and Command Injection in its specific focus on manipulating expression languages within web applications.<\/p>"},{"question":"What is the future outlook for Expression Language Injection?","answer":"<p>The future of Expression Language Injection is closely tied to advancements in web application frameworks and security measures. Developers and proxy server providers must stay vigilant and adopt new technologies and best practices to defend against evolving attacks.<\/p>"},{"question":"How can proxy servers like OneProxy help with Expression Language Injection?","answer":"<p>Proxy servers, like OneProxy, can act as a protective barrier for web applications by filtering and validating incoming requests, reducing the risk of Expression Language Injection attacks.<\/p>"},{"question":"Where can I find more information about Expression Language Injection?","answer":"<p>For further details on Expression Language Injection and web application security, refer to the following resources:<\/p><ol><li>OWASP Expression Language Injection: <a href=\"https:\/\/owasp.org\/www-community\/attacks\/Expression_Language_Injection\" target=\"_new\">https:\/\/owasp.org\/www-community\/attacks\/Expression_Language_Injection<\/a><\/li><li>SANS Institute - Common Web Application Vulnerabilities: <a href=\"https:\/\/www.sans.org\/blog\/top-5-web-application-vulnerabilities\/\" target=\"_new\">https:\/\/www.sans.org\/blog\/top-5-web-application-vulnerabilities\/<\/a><\/li><li>Oracle JavaServer Pages Specification: <a href=\"https:\/\/docs.oracle.com\/javaee\/5\/tutorial\/doc\/bnaph.html\" target=\"_new\">https:\/\/docs.oracle.com\/javaee\/5\/tutorial\/doc\/bnaph.html<\/a><\/li><li>Introduction to Unified Expression Language (UEL): <a href=\"https:\/\/www.oracle.com\/technical-resources\/articles\/java\/introduction-unified-expression-language.html\" target=\"_new\">https:\/\/www.oracle.com\/technical-resources\/articles\/java\/introduction-unified-expression-language.html<\/a><\/li><\/ol>"}]},"_links":{"self":[{"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/wiki\/477158","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/wiki"}],"about":[{"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/types\/wiki"}],"version-history":[{"count":0,"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/wiki\/477158\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/media\/477159"}],"wp:attachment":[{"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/media?parent=477158"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}