HTTPS 协议安全分析
举例
- 无线WiFi网络的攻击
- 垃圾广告攻击(ISP, Proxy植入广告)
生成证书
openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 3650 -subj '/CN=localhost' \
-keyout localhost-privkey.pem -out localhost-cert.pem
memo
Access-Control-Allow-Origin
X-XSS-Protection
Strict-Transport-Security
Content-Security-Policy