Vulnerability Development mailing list archives

Re: Preventing XSS in PHP...

From: Slow2Show <sl2sho () yahoo com>
Date: 3 May 2002 18:47:57 -0000

In-Reply-To: <OFE256DE49.2B105DB6-ON03256BAE.005150E7 () carol com br>

That is really interesting... Somebody would have more
information on a
s to
implement this in ASP?
Without having that to filter all manually tags?


I think you misunderstood me, the asp.net framework has 
validation controls such as asp:RangeValidator and 
asp:RequiredFieldValidator available to the webApp 
developerjust like PHP has functions such as 
HTMLSpecialChars
There is no "universal form input sanitizing"

Some articles and examples:

http://www.eraserver.net/robertlair/example_validators.aspx
http://www.aspalliance.com/chrisg/default.asp?article=59
http://msdn.microsoft.com/library/en-
us/dnaspp/html/pdc_userinput.asp

Ciao,

-Slow2Show-
University of Florida

Current thread:

Re: Preventing XSS in PHP... Slow2Show (May 02)
- Re: Preventing XSS in PHP... William N. Zanatta (May 03)
- <Possible follow-ups>
- Re: Preventing XSS in PHP... alrferreira (May 03)
- Re: Preventing XSS in PHP... Slow2Show (May 03)