Article From:https://segmentfault.com/q/1010000012048016
Question:

Just look at Web’s security knowledge and see it in the fog

Just thinking about it

Server backstage
app.get(‘/’,function(req,res){
if(req.body.password===’123′){
res.send(‘key’)
}
})

If the password is 123, return a section of KEY

Is there a vulnerability in this simple pattern?
If I used this method all the time, would hackers have a way to bypass the account password and log on to the server?

Answer 0:

If only this simple code, the hacker can not bypass the account password landing.

Leave a Reply

Your email address will not be published. Required fields are marked *