🍋
peasy / design
Menu
Semua Alat Panduan 48 Glosarium 33 Format File 131 Studi Kasus 302 API

Categories

P pdf I image D document T text D developer C css D design V video A audio Q qr S seo S security S social M math G generator
🍋 peasytools.com
Security

SSRF

Server-Side Request Forgery

An attack making the server send requests to unintended internal or external resources on behalf of the attacker.

Detail Teknis

SSRF is a critical component of information security infrastructure. The Web Crypto API (crypto.subtle) provides browser-native implementations of cryptographic algorithms including AES-GCM, RSA-OAEP, ECDSA, and SHA family hash functions. All operations execute in constant-time to prevent timing attacks. Client-side security processing ensures sensitive data (passwords, keys, encrypted content) never leaves the user's device — a property that cannot be guaranteed by server-side alternatives.

Contoh

```javascript
// SSRF — Web Crypto API example
const data = new TextEncoder().encode('sensitive data');
const hash = await crypto.subtle.digest('SHA-256', data);
const hex = Array.from(new Uint8Array(hash))
  .map(b => b.toString(16).padStart(2, '0')).join('');
```

Alat Terkait

G Generator Kata Sandi P Pemeriksa Kekuatan Kata Sandi G Generator Hash G Generator HMAC E Enkripsi / Dekripsi AES G Generator String Acak G Generator Header CSP P Peredaksi Teks G Generator Header CORS G Generator Hash SRI B Base64 Encoder / Decoder J JWT Decoder U UUID Generator T TOTP Configurator S SSL Certificate Decoder

Istilah Terkait

AES Checksum Command Injection Certificate Pinning Argon2 CORS Misconfiguration 2FA Clickjacking