
How to prevent massive vulnerability scanning without using a CAPTCHA component?

Updated: 2023-09-10 15:15:10

Reviewing all the answers, I have made one solution customized for my case, with a little bit of each one:

I checked again the behavior of the known vulnerability scanners. They load the page one time and, with the information gathered, they start to submit it, changing the content of the fields with malicious scripts in order to verify certain types of vulnerabilities.

But: what if we sign the form? How? By creating a hidden field with random content stored in the Session object. If the value is submitted more than n times, we just create it again. We only have to check if it matches, and if it doesn't, just take the actions we want.

But we can do even better: why, instead of changing the value of the field, don't we change the name of the field randomly? Yes, changing the name of the field randomly and storing it in the session object is maybe a trickier solution, because the form is always different, and the vulnerability scanners just load it once. If we don't get input for a field with the stored name, we simply don't process the form.

I think this can save a lot of CPU cycles. I was doing some tests with the vulnerability scanners mentioned in the question and it works perfectly!

Well, thanks a lot to all of you; as I said before, this solution was made with a little bit of each answer.
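The randomized-field-name scheme from the answer above, written out as an added example (not code from the answer's author): the server keeps a per-session random field name, refuses any submission that lacks it, and regenerates it after n accepted submissions. The session is modelled as a plain dict, and MAX_USES (the answer's "n") is a constructed value.

```python
import secrets

# The answer's "n": how many submissions a field name is honoured for before
# it is regenerated. 3 is a constructed choice for this example.
MAX_USES = 3


def issue_field_name(session):
    """Create a fresh random field name and remember it in the session."""
    session["form_field"] = "f_" + secrets.token_hex(16)
    session["form_field_uses"] = 0
    return session["form_field"]


def render_form(session):
    """Emit the form with the session's current random field name embedded."""
    name = session.get("form_field") or issue_field_name(session)
    return (
        '<form method="post">'
        f'<input type="hidden" name="{name}" value="1">'
        '<input type="text" name="comment">'
        '<input type="submit"></form>'
    )


def accept_submission(session, posted):
    """Return True only if the posted fields include the name stored in the
    session; otherwise the form is not processed at all. After MAX_USES
    accepted submissions the name is regenerated, so a form that was captured
    once and replayed stops matching."""
    expected = session.get("form_field")
    if expected is None or expected not in posted:
        return False
    session["form_field_uses"] += 1
    if session["form_field_uses"] >= MAX_USES:
        issue_field_name(session)  # the next page load carries a new name
    return True


def replay_captured_form(session, captured_name, attempts):
    """Model the scanner behaviour described in the answer: load the page once,
    then keep submitting the captured field name. Returns how many of the
    submissions the server actually processed."""
    accepted = 0
    for _ in range(attempts):
        if accept_submission(session, {captured_name: "1", "comment": "probe"}):
            accepted += 1
    return accepted
```

A client that re-fetches the page before every submission still passes this check, so it only defeats the load-once-then-replay pattern the answer describes; it is not a substitute for input validation on the fields themselves.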