/xsleaks-wiki-zh_CN

xsleaks-wiki 中文版

Primary LanguageHTMLApache License 2.0Apache-2.0

XS-Leaks Wiki

Fork from https://github.com/xsleaks/wiki

由于本人翻译水平有限,所以本翻译保留了原文,方便进行对照。

内容中有一些单词我感觉很难翻译出原本的意思,故保留了英文。若你感觉有更好的翻译方式,可提交 issue

进度 100%

48/48 点击展开进度详情
  • README.md
  • _index.md
  • attacks/_index.md
  • attacks/xs-search.md
  • attacks/window-references.md
  • attacks/navigations.md
  • attacks/css-tricks.md
  • attacks/frame-counting.md
  • attacks/error-events.md
  • attacks/cache-probing.md
  • attacks/element-leaks.md
  • attacks/id-attribute.md
  • attacks/postmessage-broadcasts.md
  • attacks/browser-features/_index.md
  • attacks/browser-features/corb.md
  • attacks/browser-features/corp.md
  • attacks/timing-attacks/_index.md
  • attacks/timing-attacks/clocks.md
  • attacks/timing-attacks/connection-pool.md
  • attacks/timing-attacks/execution-timing.md
  • attacks/timing-attacks/hybrid-timing.md
  • attacks/timing-attacks/network-timing.md
  • attacks/timing-attacks/performance-api.md
  • attacks/experiments/_index.md
  • attacks/experiments/portals.md
  • attacks/experiments/scroll-to-text-fragment.md
  • attacks/css-injection.md
  • attacks/historical/_index.md
  • attacks/historical/content-type.md
  • attacks/historical/stateful-browser-features.md
  • defenses/_index.md
  • defenses/opt-in/_index.md
  • defenses/opt-in/coop.md
  • defenses/opt-in/corp.md
  • defenses/opt-in/document-policies.md
  • defenses/opt-in/fetch-metadata.md
  • defenses/opt-in/same-site-cookies.md
  • defenses/opt-in/xfo.md
  • defenses/design-protections/_index.md
  • defenses/design-protections/cache-protections.md
  • defenses/design-protections/subresource-protections.md
  • defenses/isolation-policies/_index.md
  • defenses/isolation-policies/framing-isolation.md
  • defenses/isolation-policies/navigation-isolation.md
  • defenses/isolation-policies/strict-isolation.md
  • defenses/secure-defaults/_index.md
  • defenses/secure-defaults/corb.md
  • defenses/secure-defaults/partitioned-cache.md

Demo

demo 文件夹中是我根据 wiki 以及一些已有代码,尝试写的 poc/exp,仅供参考。

后续会持续补充 CTF 题当做 demo,若你有好的题目想分享,直接提 issue 即可。

部署流程

在本地部署

  1. 安装 Hugo 框架 补充 版本需要 > 0.68
  2. 克隆本仓库
  3. 在根目录中运行 hugo server --minify
  4. 访问 http://localhost:1313 (或者按照 hugo 的输出来访问)

生成静态文件

  1. 执行 hugo --buildDrafts

自动化部署【暂停使用】

本仓库的每次 Pull Request 都会触发 Github Actions 进行自动化部署与推送 XS-Leaks Wiki。为了将 Github Actions 用在 Github Pages 中,我们用到了 actions-gh-pages。为了通过 Hugo Framework 来自动化化部署网站,我们还用到了 actions-hugo

为了让 workflow 有权限访问本仓库,我们用到了 deploy_key,它属于本仓库的私有设置。

其他

Stargazers over time