frontend-security
Frontend Security Audit Skill
Perform comprehensive security audits of frontend codebases to identify vulnerabilities, bad practices, and missing protections.
Audit Process
- Scan for dangerous patterns - Search the codebase for known vulnerability indicators (HTML, URL and code-execution sinks, hardcoded secrets)
- Review framework-specific risks - Check for patterns that bypass the framework's built-in escaping (React `dangerouslySetInnerHTML`, Twig `|raw` and `autoescape false`)
- Validate defensive measures - Verify that CSP, CSRF tokens and input validation exist and are actually enforced on every state-changing path
- Check dependencies - Review npm/node dependencies for known vulnerabilities (`npm audit` against the lockfile, then triage what is reachable from the bundle)
- Report findings - Categorize by severity with remediation guidance; a grep hit is evidence of a sink, not proof of exploitability, so confirm the input source before rating it exploitable
Critical Vulnerability Patterns to Search
XSS Indicators (Search Priority: HIGH)
```bash
# GNU grep syntax (-E, \s, \b); run from the project root.

# React dangerous patterns
grep -rnE "dangerouslySetInnerHTML" --include="*.jsx" --include="*.tsx" --include="*.js"

# Direct DOM manipulation
grep -rnE "\.innerHTML\s*=" --include="*.js" --include="*.ts" --include="*.jsx" --include="*.tsx"
grep -rnE "\.outerHTML\s*=" --include="*.js" --include="*.ts"
grep -rnE "document\.write" --include="*.js" --include="*.ts"

# URL-based injection
grep -rnE "location\.href\s*=" --include="*.js" --include="*.ts"
grep -rnE "location\.replace\s*\(" --include="*.js" --include="*.ts"
grep -rnE "window\.open\s*\(" --include="*.js" --include="*.ts"

# Eval and code execution
grep -rnE "\beval\s*\(" --include="*.js" --include="*.ts"
grep -rnE "new Function\s*\(" --include="*.js" --include="*.ts"
# a string first argument to a timer is an implicit eval
grep -rnE "setTimeout\s*\(\s*[\"']" --include="*.js" --include="*.ts"
grep -rnE "setInterval\s*\(\s*[\"']" --include="*.js" --include="*.ts"

# Twig unescaped output
grep -rnE "\|\s*raw\b" --include="*.twig"
grep -rnE "\{%\s*autoescape\s+false\s*%\}" --include="*.twig"
```
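Hits from the URL-based injection greps need triage, because `location.href = x`, `location.replace(x)` and `window.open(x)` are only dangerous when `x` is attacker-controlled. The following is an added example, not code from the original skill: it shows the vulnerable form the grep finds and a hardened replacement that validates with the same URL parser the browser uses (`javascript:` URLs execute script, and any foreign absolute URL is an open redirect). The host names, the `next` parameter and the function names are assumptions made for illustration.

```javascript
// Added example (not from the original skill). Hostnames, the "next"
// parameter and all function names are constructed for illustration.

// Vulnerable form, as the grep finds it (comment only, so this file runs in Node):
//   const next = new URLSearchParams(location.search).get("next");
//   location.href = next;          // next = "javascript:alert(document.cookie)"
//   window.open(next);             // next = "//evil.example/phish"

const ALLOWED_PROTOCOLS = new Set(["http:", "https:"]);

// Returns an absolute URL string that is safe to navigate to, or null.
// `base` is the current page URL (location.href in the browser); by default
// only the page's own origin is allowed, which also blocks open redirects.
function safeNavigationTarget(candidate, base, allowedOrigins) {
  if (typeof candidate !== "string") return null;
  const allowed = allowedOrigins || [new URL(base).origin];
  let url;
  try {
    url = new URL(candidate, base); // resolves relative paths, lowercases the scheme,
  } catch {                         // strips leading controls and embedded tabs/newlines
    return null;                    // unparseable input is not a navigation target
  }
  if (!ALLOWED_PROTOCOLS.has(url.protocol)) return null; // javascript:, data:, vbscript:, blob:
  if (!allowed.includes(url.origin)) return null;         // //evil.example, user@evil.example, ...
  return url.href;
}

// The check many codebases ship instead; kept only to show what it misses.
function naivePrefixCheck(candidate) {
  return candidate.toLowerCase().startsWith("javascript:") ? null : candidate;
}

// Hardened replacement for the vulnerable form above: fall back to the site root.
function redirectAfterLogin(nextParam, currentUrl) {
  return safeNavigationTarget(nextParam, currentUrl) || new URL("/", currentUrl).href;
}

// Stand-alone demo with constructed inputs.
const DEMO_BASE = "https://app.example/login";
for (const input of ["/account?tab=1", "javascript:alert(1)", "  JavaScript:alert(1)",
                     "java\tscript:alert(1)", "//evil.example/phish"]) {
  console.log(JSON.stringify(input), "->", safeNavigationTarget(input, DEMO_BASE),
              "| naive:", naivePrefixCheck(input));
}
```

The two bypasses in the demo are the point: the URL parser strips leading whitespace and embedded tabs and lowercases the scheme, so `"  JavaScript:alert(1)"` and `"java\tscript:alert(1)"` both become `javascript:` URLs that a prefix check waves through. For `window.open`, additionally pass `"noopener"` in the features argument so the opened page cannot reach `window.opener`.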
CSRF Indicators
```bash
# Forms without CSRF tokens: list every form, then confirm each state-changing one
# carries a hidden token field (GET-only search forms need none)
grep -rnE "<form" --include="*.html" --include="*.jsx" --include="*.tsx" --include="*.twig"

# State-changing requests without protection
# (-A 5 so a method: "POST" on a later line of the options object is still caught)
grep -rnE -A 5 "fetch\s*\(" --include="*.js" --include="*.ts" | grep -E "(POST|PUT|DELETE|PATCH)"
grep -rnE "axios\.(post|put|delete|patch)\s*\(" --include="*.js" --include="*.ts"
```
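To judge the fetch/axios hits you need to know what a protected state-changing request looks like. The following is an added example, not code from the original skill: it implements the double-submit cookie pattern end to end, with the client attaching a token read from a readable `XSRF-TOKEN` cookie to every non-safe request and the server comparing header and cookie. A cross-site page can make the browser send the cookie but can neither read it nor add the custom header. The cookie and header names, the cookie strings, and `buildRequest` (which returns the `fetch` init object instead of sending it so the file runs in Node) are assumptions made for illustration.

```javascript
// Added example (not from the original skill). Cookie/header names and the
// cookie strings are constructed; cookieString stands in for document.cookie.

const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS"]);
const CSRF_COOKIE = "XSRF-TOKEN";   // set by the server WITHOUT HttpOnly so JS can read it
const CSRF_HEADER = "X-XSRF-TOKEN"; // custom header: cannot be set by a cross-site form

// Parse a "name=value; name2=value2" string such as document.cookie.
function readCookie(cookieString, name) {
  for (const part of cookieString.split(";")) {
    const eq = part.indexOf("=");
    if (eq === -1) continue;
    if (part.slice(0, eq).trim() === name) return decodeURIComponent(part.slice(eq + 1).trim());
  }
  return null;
}

// Client side: build the init object for fetch(url, init).
function buildRequest(method, body, cookieString) {
  const m = method.toUpperCase();
  const init = {
    method: m,
    credentials: "same-origin",
    headers: { "Content-Type": "application/json" },
  };
  if (body !== undefined) init.body = JSON.stringify(body);
  if (!SAFE_METHODS.has(m)) {
    const token = readCookie(cookieString, CSRF_COOKIE);
    if (token === null) {
      // Fail closed: a missing token must not silently produce an unprotected POST.
      throw new Error(`${CSRF_COOKIE} cookie missing; refusing to send ${m}`);
    }
    init.headers[CSRF_HEADER] = token;
  }
  return init;
}

// Constant-time comparison so the server check does not leak the token byte by
// byte; in Node, crypto.timingSafeEqual on equal-length Buffers does the same.
function constantTimeEqual(a, b) {
  if (a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Server side: accept a non-safe request only when header and cookie agree.
function verifyDoubleSubmit(method, cookieString, headerToken) {
  if (SAFE_METHODS.has(method.toUpperCase())) return true; // safe methods must not change state
  const cookieToken = readCookie(cookieString, CSRF_COOKIE);
  if (!cookieToken || !headerToken) return false;
  return constantTimeEqual(cookieToken, headerToken);
}

// Stand-alone demo with a constructed cookie jar.
const DEMO_COOKIES = "theme=dark; XSRF-TOKEN=9f2c1a7e; lang=en";
const demo = buildRequest("post", { title: "hello" }, DEMO_COOKIES);
console.log(demo.headers, verifyDoubleSubmit("POST", DEMO_COOKIES, demo.headers[CSRF_HEADER]));
```

Two triage rules for the grep output follow from this: a form or request that only reads data (a GET search form, a GET fetch) needs no token, and an application that authenticates with a bearer token in an `Authorization` header rather than a cookie is not exposed to classic CSRF, because the browser never attaches that header on its own. `SameSite=Lax` or `Strict` on the session cookie is defence in depth, not a replacement for the token check.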
Sensitive Data Exposure
```bash
# localStorage/sessionStorage with sensitive data
grep -rnE "localStorage\." --include="*.js" --include="*.ts"
grep -rnE "sessionStorage\." --include="*.js" --include="*.ts"

# Hardcoded secrets (-i: camelCase and UPPER_CASE names are both common)
grep -rniE "api[_-]?key\s*[:=]" --include="*.js" --include="*.ts" --include=".env*"
grep -rniE "secret\s*[:=]" --include="*.js" --include="*.ts"
grep -rniE "password\s*[:=]" --include="*.js" --include="*.ts"
```

Anything in a frontend bundle or a committed `.env` file is readable by every user, so a live credential found here is CRITICAL regardless of how it is used, and it must be rotated, not just removed. Expect false positives from form field names (`password:` in a schema) and test fixtures; confirm each hit by checking whether the value is a real credential. Treat tokens written to Web Storage as exposed to any script running on the origin, including injected ones.
Reference Documentation
Load these references based on findings:
- XSS vulnerabilities found: See references/xss-prevention.md
- CSRF concerns: See references/csrf-protection.md
- DOM manipulation issues: See references/dom-security.md
- CSP review needed: See references/csp-configuration.md
- Input handling issues: See references/input-validation.md
- Node.js/NPM audit: See references/nodejs-npm-security.md
- Framework-specific patterns: See references/framework-patterns.md
- File upload handling: See references/file-upload-security.md
- JWT implementation: See references/jwt-security.md
Severity Classification
CRITICAL - Exploitable XSS (an attacker-controlled source confirmed to reach a sink), authentication bypass, secrets exposure
HIGH - Missing CSRF protection on cookie-authenticated state-changing requests, unsafe DOM manipulation not yet traced to an attacker-controlled source, SQL injection vectors in any server-side code kept in the same repository
MEDIUM - Weak CSP, missing security headers, improper input validation
LOW - Informational disclosure, deprecated functions, suboptimal practices

A grep hit is evidence, not proof: record a sink finding as HIGH and promote it to CRITICAL only after tracing an attacker-controlled source into it.
Report Format
```markdown
# Security Audit Report

## Summary
- Critical: X findings
- High: X findings
- Medium: X findings
- Low: X findings

## Critical Findings

### [CRITICAL-001] Title
- Location: file:line
- Pattern: Code snippet
- Risk: Description of the vulnerability
- Remediation: How to fix
- Reference: OWASP link

## High Findings
[...]
```
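The following is an added example, not code from the original skill, that ties the audit steps (scan, classify, report) to this report format: a Node.js script that applies the grep patterns from the sections above as regular expressions over a constructed sample codebase, classifies each hit with the severity table, and prints the report. The pattern ids, the sample file names and contents, and the remediation texts are assumptions made for illustration; severities follow the table, with sink hits at HIGH because a match alone does not prove exploitability. Dependency checking (`npm audit`) is outside what a source grep can do and is not modelled here.

```javascript
// Added example (not from the original skill). Sample files, pattern ids and
// remediation text are constructed for illustration.
const JS = /\.(jsx?|tsx?)$/;
const TWIG = /\.twig$/;
const OWASP = "https://cheatsheetseries.owasp.org/cheatsheets/";
const P = (id, files, severity, regex, title, risk, remediation, sheet) =>
  ({ id, files, severity, regex, title, risk, remediation, reference: OWASP + sheet });

// Severity follows the table above: a match proves an unsafe sink exists, not
// that attacker input reaches it, so sink hits start at HIGH and are promoted
// to CRITICAL by hand after source-to-sink tracing. CSP and header issues
// (MEDIUM) are not greppable in source and are reviewed separately.
const PATTERNS = [
  P("react-dangerous-html", JS, "HIGH", /dangerouslySetInnerHTML/, "dangerouslySetInnerHTML",
    "Raw HTML is injected into the React tree; XSS if the markup is attacker-controlled.",
    "Render as text, or sanitize with an allow-list HTML sanitizer.", "Cross_Site_Scripting_Prevention_Cheat_Sheet.html"),
  P("dom-html-sink", JS, "HIGH", /\.(inner|outer)HTML\s*=|document\.write/, "Direct HTML sink",
    "innerHTML/outerHTML/document.write parse their argument as HTML; DOM XSS if tainted.",
    "Use textContent or createElement/appendChild.", "DOM_based_XSS_Prevention_Cheat_Sheet.html"),
  P("url-sink", JS, "HIGH", /location\.(href\s*=|replace\s*\()|window\.open\s*\(/, "Navigation sink",
    "javascript: URLs execute script; untrusted absolute URLs are open redirects.",
    "Parse with new URL() and allow only http(s) on expected origins.", "DOM_based_XSS_Prevention_Cheat_Sheet.html"),
  P("code-exec", JS, "HIGH", /\beval\s*\(|new\s+Function\s*\(|set(Timeout|Interval)\s*\(\s*["'`]/,
    "Dynamic code execution", "eval, new Function and string timer arguments compile strings into code.",
    "Pass functions, not strings; enforce a CSP without unsafe-eval.", "Content_Security_Policy_Cheat_Sheet.html"),
  P("twig-raw", TWIG, "HIGH", /\|\s*raw\b|autoescape\s+false/, "Twig autoescaping disabled",
    "Output is emitted without HTML escaping; XSS if the variable is user-controlled.",
    "Remove |raw and let autoescape run.", "Cross_Site_Scripting_Prevention_Cheat_Sheet.html"),
  P("hardcoded-secret", JS, "CRITICAL", /(api[_-]?key|secret|password)\s*[:=]/i, "Possible hardcoded secret",
    "Everything in a frontend bundle is public; a credential here is exposed.",
    "Move it server-side, rotate it, purge it from git history.", "Secrets_Management_Cheat_Sheet.html"),
  P("web-storage", JS, "LOW", /(local|session)Storage\.(setItem|getItem)\s*\(/, "Web Storage access",
    "Web Storage is readable by any script on the origin, including injected ones.",
    "Keep session tokens in HttpOnly cookies; never persist secrets here.", "HTML5_Security_Cheat_Sheet.html"),
];

const COMMENT_LINE = /^\s*(\/\/|\/\*|\*|\{#)/; // JS and Twig comment openers: skipped to cut noise

function scanFile(path, text) {
  const findings = [];
  text.split("\n").forEach((line, i) => {
    if (COMMENT_LINE.test(line)) return;
    for (const p of PATTERNS) {
      if (p.files.test(path) && p.regex.test(line)) {
        findings.push({ ...p, location: `${path}:${i + 1}`, snippet: line.trim() });
      }
    }
  });
  return findings;
}

const scanFiles = (files) => Object.entries(files).flatMap(([path, text]) => scanFile(path, text));

const SEVERITIES = ["CRITICAL", "HIGH", "MEDIUM", "LOW"];
const cap = (s) => s[0] + s.slice(1).toLowerCase();

function summarize(findings) {
  const counts = Object.fromEntries(SEVERITIES.map((s) => [s, 0]));
  for (const f of findings) counts[f.severity] += 1;
  return counts;
}

// Emit the markdown report layout from the Report Format section.
function renderReport(findings) {
  const counts = summarize(findings);
  const out = ["# Security Audit Report", "", "## Summary"];
  SEVERITIES.forEach((s) => out.push(`- ${cap(s)}: ${counts[s]} findings`));
  for (const s of SEVERITIES) {
    const group = findings.filter((f) => f.severity === s);
    if (group.length === 0) continue;
    out.push("", `## ${cap(s)} Findings`);
    group.forEach((f, n) => out.push("",
      `### [${s}-${String(n + 1).padStart(3, "0")}] ${f.title}`,
      `- Location: ${f.location}`, `- Pattern: \`${f.snippet}\``, `- Risk: ${f.risk}`,
      `- Remediation: ${f.remediation}`, `- Reference: ${f.reference}`));
  }
  return out.join("\n");
}

// Constructed sample codebase; replace with fs reads of a real checkout.
const SAMPLE_FILES = {
  "src/Comment.jsx": [
    "export function Comment({ body }) {",
    "  return <div dangerouslySetInnerHTML={{ __html: body }} />;",
    "}",
  ].join("\n"),
  "src/legacy.js": [
    "// TODO: stop using eval() in the config loader", // comment line: not reported
    'const out = document.getElementById("out");',
    "out.innerHTML = decodeURIComponent(location.hash.slice(1));",
    'setTimeout("refresh()", 1000);',
    'window.location.href = params.get("next");',
    'const apiKey = "sk-live-0000";',
    'localStorage.setItem("token", jwt);',
  ].join("\n"),
  "templates/post.html.twig": ["{# rendered server-side #}", "<article>{{ post.body|raw }}</article>"].join("\n"),
};

console.log(renderReport(scanFiles(SAMPLE_FILES)));
```

On the sample codebase this yields one CRITICAL (the API key), five HIGH sink hits and one LOW storage note; the `eval()` mentioned in the comment line is deliberately not reported. Each HIGH entry still needs the manual source-to-sink check before it is promoted, for example `out.innerHTML = ...location.hash...` is attacker-controlled and would become CRITICAL, whereas `dangerouslySetInnerHTML` fed from a trusted CMS field might not.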
OWASP Reference Links
For comprehensive guidance, consult these OWASP cheatsheets directly:
- XSS Prevention: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
- DOM XSS Prevention: https://cheatsheetseries.owasp.org/cheatsheets/DOM_based_XSS_Prevention_Cheat_Sheet.html
- CSRF Prevention: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
- CSP: https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
- Input Validation: https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html
- HTML5 Security: https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html
- DOM Clobbering: https://cheatsheetseries.owasp.org/cheatsheets/DOM_Clobbering_Prevention_Cheat_Sheet.html
- Node.js Security: https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html
- NPM Security: https://cheatsheetseries.owasp.org/cheatsheets/NPM_Security_Cheat_Sheet.html
- AJAX Security: https://cheatsheetseries.owasp.org/cheatsheets/AJAX_Security_Cheat_Sheet.html
- File Upload: https://cheatsheetseries.owasp.org/cheatsheets/File_Upload_Cheat_Sheet.html
- Error Handling: https://cheatsheetseries.owasp.org/cheatsheets/Error_Handling_Cheat_Sheet.html
- JWT Security: https://cheatsheetseries.owasp.org/cheatsheets/JSON_Web_Token_for_Java_Cheat_Sheet.html
- User Privacy: https://cheatsheetseries.owasp.org/cheatsheets/User_Privacy_Protection_Cheat_Sheet.html
- gRPC Security: https://cheatsheetseries.owasp.org/cheatsheets/gRPC_Security_Cheat_Sheet.html