发表新帖
发表新帖

How do you avoid XSS vulnerabilities in ASP.Net (MVC)?

后端 未结
关注
5 1946
庸人自扰
庸人自扰 2020-11-28 11:25

I recently noticed that I had a big hole in my application because I had done something like:

\" />
5条回答
  • 星月不相逢
    星月不相逢 (楼主)
    2020-11-28 11:51

    There's a few ways:

    • Use the <%: %> syntax in ASP.NET MVC2 / .NET 4.0. (Which is just syntactic sugar for Html.Encode())
    • Follow the directions laid out by Phil Haack where it details using the Anti-XSS library as the 'default' encoding engine for ASP.NET.

    0 讨论(0)
 看不清?
提交回复
热议问题