网站常用防御方式

http://blog.csdn.net/stpeace/article/details/53512283

Session fixation：

https://www.cnblogs.com/davidwang456/p/3593578.html

http://www.gooseeker.com/cn/node/knowledgebase/whatissessionfixation

HTTP Strict Transport Security(HSTS)：

HTTPS

XSS:

https://www.cnblogs.com/suwings/p/6285340.html

https://www.cnblogs.com/digdeep/p/4695348.html

网站常用防御方式

原文地址：http://blog.51cto.com/xinzhilian/2089520