如何防止数据在asp.net中篡改firefox插件的数据 [英] how to prevent data from tamper data of firefox plugin in asp.net

问题描述

大家好，



我有一个关于跨站点请求伪造的查询..

问题是每次点击保存按钮和Firefox篡改数据启动它会篡改所有文本框输入字段并允许更改值并将其保存在数据库上的更改值。



但我想限制从篡改数据插件更新的数据,,,

如何操作？



请尽快告诉我。



提前感谢!!!!





问候，

rajshree。

hello guys,

I have one query regarding cross site request forgery..
the issue is whenever click on save button and Firefox tamper data is start it tampers all the textbox input fields and allowed to change the value and its save the changes value on database..

but i want to restrict the data that updated from tamper data plugin ,,,
how to do it?

please let it me know as soon as possible.

thanks in advance!!!!


regards,
rajshree.

推荐答案

我认为你不能限制这种行为。



相反，你必须有一个具体的验证机制，在将数据上传到数据库之前正确分析从客户端收到的数据。



写逻辑来处理验证在客户端和服务器端。还要确保数据符合您的预期格式。不要对数据库使用内联查询，而是使用参数化查询或存储过程来避免 SQL注入攻击。



还有许多其他安全注意事项，您可以在编码时考虑这些注意事项。请在Google上搜索此信息，您将找到说明。

I don't think you can restrict this behaviour.

Instead, you have to have a concrete validation mechanism, which properly analyzes the data received from client before uploading it to the Database.

Write logic to handle the validations at both client and server sides. Also make sure that data are in your intended format. Don't use Inline Queries for Database, rather go for Parameterized Query or Stored Procedures to avoid SQL Injection attack.

There are many other Security Precautions, which you can consider while coding. Please search on Google about this, you will find the instructions.

这篇关于如何防止数据在asp.net中篡改firefox插件的数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！