Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
既存のWebアプリをセキュアにするためにやったこと / Student-LT-WebSec
Search
Tomoyuki KOYAMA
May 05, 2018
Technology
0
180
既存のWebアプリをセキュアにするためにやったこと / Student-LT-WebSec
学生LT#11, @DMM
Tomoyuki KOYAMA
May 05, 2018
Tweet
Share
More Decks by Tomoyuki KOYAMA
See All by Tomoyuki KOYAMA
Reading HTTP Client Hints
tomoyk
0
88
Log message with JSON item count for root cause analysis in microservices
tomoyk
1
210
Distributed Log Search Based on Time Series Access and Service Relations
tomoyk
0
330
Webアプリを動かすまでのインフラ構築 / infra-build-for-web-app
tomoyk
0
420
コンピュータが大好きな私が大学院進学した理由 / Why I chose graduate school
tomoyk
2
930
この先生きのこるための学び方 / how-to-learn-tech
tomoyk
1
400
佐川急便のフィッシングサイトを調べてみた / Analysis of sagawa fishing site
tomoyk
1
180
パケットを覗いてみよう / Packet workshop for beginners
tomoyk
0
340
XSSの入力値を調べてみた / searching xss insertion value
tomoyk
3
1.5k
Other Decks in Technology
See All in Technology
incident_commander_demaecan__1_.pdf
demaecan
0
130
ComposeではないコードをCompose化する case ビズリーチ / DroidKaigi 2025 koyasai
visional_engineering_and_design
0
110
研究開発部メンバーの働き⽅ / Sansan R&D Profile
sansan33
PRO
3
20k
Digitization部 紹介資料
sansan33
PRO
1
5.5k
[Codex Meetup Japan #1] Codex-Powered Mobile Apps Development
korodroid
2
750
LLM時代にデータエンジニアの役割はどう変わるか?
ikkimiyazaki
6
1.4k
Wasmのエコシステムを使った ツール作成方法
askua
0
160
Bill One 開発エンジニア 紹介資料
sansan33
PRO
4
14k
フレームワークを意識させないワークショップづくり
keigosuda
0
180
これがLambdaレス時代のChatOpsだ!実例で学ぶAmazon Q Developerカスタムアクション活用法
iwamot
PRO
6
1.1k
やる気のない自分との向き合い方/How to Deal with Your Unmotivated Self
sanogemaru
0
500
ニッポンの人に知ってもらいたいGISスポット
sakaik
0
140
Featured
See All Featured
Why You Should Never Use an ORM
jnunemaker
PRO
59
9.6k
Practical Orchestrator
shlominoach
190
11k
A Tale of Four Properties
chriscoyier
161
23k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.4k
Context Engineering - Making Every Token Count
addyosmani
6
250
RailsConf 2023
tenderlove
30
1.2k
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
140
34k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
252
21k
KATA
mclloyd
32
15k
Navigating Team Friction
lara
190
15k
Optimizing for Happiness
mojombo
379
70k
Transcript
طଘͷ8FCΞϓϦΛ ηΩϡΞʹ͢ΔͨΊʹ ͬͨ͜ͱ 5PNPZVLJ,0:"." ֶੜ-5
ࣗݾհ w /BNFίϠϚτϞϢΩ w (SBEFཧܥେֶ# w 5XJUUFS!UNZL@LZN w #MPHIUUQTCMPHLPZBNBNF w
5BHT/FUXPSL8FC4FSWFS4FDVSJUZ
ҳൠͷޡՈఉ ϠϑΦΫͰதݹͷωοτϫʔΫػثΛߪೖ
ۙگ w ٕज़ॻయʹߦͬͨ w ొηΩεϖΛड͚ͨ w IBDLʹམͪͨ w ֶੜ-5ʹؒʹ߹ͬͨɹˡ/&8
8FCηΩϡϦςΟ ͷجૅ
944 w ΫϩεɾαΠτɾεΫϦϓςΟϯά w )5.-ʹεΫϦϓτ͕ૠೖ͞ΕΔ͜ͱͰɺ ҙͷॲཧ͕࣮ߦ͞ΕΔ w $8&*NQSPQFS/FVUSBMJ[BUJPOPG*OQVU %VSJOH8FC1BHF(FOFSBUJPO $SPTTTJUF
4DSJQUJOH
944 EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF I QIQFDIP@(&5<NPEF> I EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF
IIFMMPI ม@(&5<bNPEF`>ʹIFMMP͕ઃఆ͞Ε͍ͯΔͱʜ 4BGF
944 EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF I QIQFDIP@(&5<NPEF> I EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF
ITDSJQUBMFSU TDSJQUI ม@(&5<bNPEF`>ʹTDSJQUBMFSU TDSJQU͕ ઃఆ͞Ε͍ͯΔͱʜ VO4BGF
'SBNF8PSLʹཔΔͱʜ w 'SBNF8PSL͕ࣗಈͰΤεέʔϓͯ͘͠ΕΔ w ηΩϡϦςΟΛҙࣝͤͣʹ։ൃՄ w 3VCZPO3BJMT 'MBTL $BLF1)1 FUDʜ
طଘͷ8FCΞϓϦΛ ηΩϡΞʹ͢ΔͨΊʹ ͬͨ͜ͱ
ܦҢ w ͱ͋Δ8FCΞϓϦ ൿͷιʔε Λಈ͔͢ґཔΛ ड͚Δ w ѻ͏σʔλݸਓใ w ηΩϡϦςΟΛݟͯ͠Έͨ
ͬͨ͜ͱ
44-Խ w )551ˠ)5514 w 44-ূ໌ॻΛ-FU`T&ODSZQUͰऔಘ w ैདྷݸਓใΛฏจͰΓऔΓ
͓͠·͍
ͬͨ͜ͱ w ॳڃ w 44-Խ w தڃ w ্ڃ
ͬͨ͜ͱதڃ w $PPLJFIUUQPOMZଐੑ TFDVSFଐੑΛ༩ w ϨεϙϯεϔομҎԼΛ༩ w 99441SPUFDUJPONPEFCMPDL w 9'SBNF0QUJPOT4".&03*(*/
w 9$POUFOU5ZQF0QUJPOTOPTOJ⒎
$PPLJFIUUQPOMZଐੑ TFDVSFଐੑΛ༩
99441SPUFDUJPO NPEFCMPDL w 8FCϒϥβͷ944ϑΟϧλʔΛڧ੍0/ w 944Λݕ͢ΔͱϒϩοΫ͢Δ IUUQFYBNQMFDPNTFBSDI TDSJQUBMFSU TDSJQU
9'SBNF0QUJPOT 9$POUFOU5ZQF0QUJPOT w 9'SBNF0QUJPOT4".&03*(*/ w ΫϦοΫɾδϟοΩϯάରࡦ JGSBNFͰͷผαΠτ͔ΒຒΊࠐΈΛېࢭ w 9$POUFOU5ZQF0QUJPOTOPTOJ⒎
w FͷΞΠίϯͳϒϥβͰͷ944Λࢭ
ͬͨ͜ͱ্ڃ w ηογϣϯɾλΠϜΞτ w ϨεϙϯεϔομҎԼΛ༩ w $BDIF$POUSPMQSJWBUF OPTUPSF w 4USJDU5SBOTQPSU4FDVSJUZNBY
BHFJODMVEF4VCEPNBJOT
ηογϣϯɾλΠϜΞτ $PPLJFͷ&YQJSFଐੑͰ༗ޮظݶΛઃఆ
$BDIF$POUSPM QSJWBUF OPTUPSF w ϚΠϖʔδ ݸਓใ ͳͲΛ1SPYZ$%/ͰΩϟο γϡͰอ࣋͠ͳ͍ w ࢀߟʮϝϧΧϦɹݸਓใྲྀग़ʯ
4USJDU5SBOTQPSU4FDVSJUZNBY BHFJODMVEF4VCEPNBJOT w )454 )5514USJDU5SBOTQPSU4FDVSJUZ w IUUQˠIUUQTஔ͖͑ͯϦΫΤετΛૹ৴ w <T><EBZ>
·ͱΊ w 8FCΞϓϦΛެ։͢Δͱ͖44-Խ͠Α͏ w $PPLJFϨεϙϯεɾϔομʹҙ͠Α͏ w ແঈεΩϟφͷ08"41;"1Φεεϝ
݁Ռ
Γ͕͍(&5 ใु;&30
ࡉ͔͍͜ͱ࠙ձͰ ั·͑ͯฉ͍ͯω 5IBOLT