在ASP中将ValidateRequest设置为false的使用 [英] Use of setting ValidateRequest to false in ASP

问题描述

在ASP.Net中将ValidateRequest设置为False有什么用?

What is the use of setting ValidateRequest to False in ASP.Net?

推荐答案

它用于防止XSS攻击，因此默认为true.但是，这意味着当您要在其中一个文本框中传递诸如< script 之类的某些字符时，会出错，因为它是不允许的.

It's used to prevent XSS attacks and as such defaults to true. However this means that when you want to pass in certain characters like <script in one of your textboxes you error out as it's not permitted.

将其设置为false会为攻击打开方便之门，因此只有经过考虑后才能将其设置为这样.

Setting it to false however opens the door for attacks so only set it as such after some consideration.

Microsoft还发布了您可以使用Microsoft反跨站点脚本库.

Microsoft also released the Microsoft Anti-Cross Site Scripting Library which you could use instead.

格里斯，克里斯.

这篇关于在ASP中将ValidateRequest设置为false的使用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！