- https://www.ctolib.com/docs/sfile/xss-naxienian/index.html
- https://www.knowsec.net/archives/78/
- https://www.zhihu.com/question/26628342
- http://adoyle.me/blog/why-zip-file-checksum-changed.html
- http://www.cnblogs.com/hyddd/archive/2009/04/09/1432744.html
- https://kennel209.gitbooks.io/owasp-testing-guide-v4/content/zh/web_application_security_testing/testing_for_cross_site_request_forgery_csrf_otg-sess-005.html
Google 官方的开发者教程:
- https://techdevguide.withgoogle.com/paths/foundational/
- https://techdevguide.withgoogle.com/paths/advanced/