Broken Authentication - CAPTCHA Bypassing,ba_captcha_bypass.php
Broken Authentication - Forgotten Function,ba_forgotten.php
Broken Authentication - Insecure Login Forms,ba_insecure_login.php
Broken Authentication - Logout Management,ba_logout.php
Broken Authentication - Password Attacks,ba_pwd_attacks.php
Broken Authentication - Weak Passwords,ba_weak_pwd.php
Session Management - Administrative Portals,smgmt_admin_portal.php
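At this level, the cookie can be accessed over HTTP and from JavaScript (the last two arguments, secure and httponly, are both false).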
setcookie("top_security", "no", time()+3600, "/", "", false, false);
top_security
no
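
The weak setting above beside a hardened one, as an added example that is not bWAPP's own code: it audits Set-Cookie header values for the Secure and HttpOnly attributes. The function names and the sample header strings are constructed for illustration.

```php
<?php
// Added example, not bWAPP code. Function names are hypothetical.

// Return the protective attributes a Set-Cookie header value lacks.
function missing_cookie_flags(string $header): array
{
    // "name=value; attr; attr=value": drop name=value, keep attribute names.
    $parts = array_map('trim', explode(';', $header));
    array_shift($parts);
    $present = [];
    foreach ($parts as $part) {
        if ($part !== '') {
            $present[] = strtolower(explode('=', $part, 2)[0]);
        }
    }
    return array_values(array_diff(['secure', 'httponly'], $present));
}

// Hardened form of the page's call: sixth argument (secure) and seventh
// argument (httponly) set to true. Only meaningful under a web SAPI.
function set_top_security_cookie(string $value): bool
{
    return setcookie("top_security", $value, time() + 3600, "/", "", true, true);
}

// Constructed sample headers in the shape PHP emits for each variant.
$samples = [
    'false, false' => 'top_security=no; expires=Thu, 01 Jan 2026 00:00:00 GMT; Max-Age=3600; path=/',
    'true, true'   => 'top_security=no; expires=Thu, 01 Jan 2026 00:00:00 GMT; Max-Age=3600; path=/; secure; HttpOnly',
];

foreach ($samples as $label => $header) {
    $missing = missing_cookie_flags($header);
    echo $label, ': ', $missing ? 'missing ' . implode(', ', $missing) : 'ok', PHP_EOL;
}
```

With secure set, the browser sends the cookie only over HTTPS; with httponly set, document.cookie no longer exposes it to scripts.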