跨站点脚本漏洞处理技术 [英] Cross site scripting vulnerability handling techniques

问题描述

你好我在网上的第一个问题。

i一直在寻找跨站点脚本及其技术以及如何解决这些漏洞。



我的应用程序已经在处理和检查表单文本框中的任何脚本。只有xss可以通过URL的参数来伤害我。



我在每个页面检查或应用编码解码这会花费我很多精力，因为页面数量很多。 />


i正在考虑检查golobal.asax begin_request方法中任何特殊字符的URL，如果有任何脚本或特殊字符，它将路由到错误页面。



或者我可以对我已经构建的通用页面clas实施此检查由于某些原因我没有该项目只有DLL是可用的



所以请以任何其他方式解决这个问题。



soryy我的英文不好并提前感谢

Hello my first ever question on Web.
i have been searching for Cross site scripting and its techniques and how to fix these vulnerability.

My applicatoin is already handling and checking for any script in Form textboxes . only xss can hurt me through URL's paramater .

I check or apply encoding decoding on each page this will cost me a lot effort as there are hundered of pages .

i was thinking to check the URL for any spcial character on golobal.asax begin_request method and if there is any script or spcial character it will route to error page.

or i can implement this check on generic page clas that i have build for some reason i dont have that project only DLL is availble

so please sugest me any other way to address this issue.

soryy for my bad english and thanks in advance

推荐答案

将.js文件更新到最新版本。它将解决您的网络漏洞问题。



请参考此链接：

http://www.acunetix.com/websitesecurity/cross-site-scripting/ [ ^ ]

Update .js file to latest version. It will solve your web vulnerablity issue.

Please refer this link :
http://www.acunetix.com/websitesecurity/cross-site-scripting/[^]

请参阅此链接并找到我在那里发布的答案。



需要有关Sql注入和XSS漏洞的代码 [ ^ ]



问候..：）

Refer to this link and find the answer i posted there.

need code about Sql injection and XSS vulnerability[^]

Regards..:)

这篇关于跨站点脚本漏洞处理技术的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！