# スクリプトを呼び出せるタグは禁止 SecFilter "" SecFilter "" SecFilter "" SecFilter "" # 疑似プロトコルは禁止 SecFilter "javascript:" SecFilter "vbscript:" SecFilter "about:" # スクリプトを呼び出せるので禁止 SecFilter "expression\(" SecFilter "&{.*};" # イベントハンドラは禁止 SecFilter "onError" SecFilter "onUnload" SecFilter "onBlur" SecFilter "onFocus" SecFilter "onClick" SecFilter "onMouseOver" SecFilter "onMouseOut" SecFilter "onSubmit" SecFilt
![@IT:Webアプリケーションに潜むセキュリティホール(12)](https://cdn-ak-scissors.b.st-hatena.com/image/square/6e84fc6ab06f31b2e64248cbfc92fe06deb5bab5/height=288;version=1;width=512/https%3A%2F%2Fimage.itmedia.co.jp%2Fimages%2Flogo%2F1200x630_500x500_ait.gif)