发表新帖
发表新帖

XPath injection mitigation

后端 未结
关注
3 574
情深已故
情深已故 2020-12-07 02:42

Are there any pre-existing methods in .NET to detect/prevent an xpath injection attack?

I can forsee 2 examples but there are likely many more.

e.g.

3条回答
  • 有刺的猬
    有刺的猬 (楼主)
    2020-12-07 03:25

    Just avoid building XPath expressions using string concatenation. Use parameters/variables instead.

    0 讨论(0)
 看不清?
提交回复
热议问题