Understanding Script Injection Attacks: ASP Alliance

ASP.NET Tutorials » Understanding Script Injection Attacks

Not Logged In. Login

AspAlliance
Register
Edit My Profile
Author List
Write for Us
About AspAlliance
Contact Us
Privacy Policy
Link To Us
Advertise

Subscribe
Free Newsletter
Newsletter Archive
RSS Syndication

.NET Tutorials
Learn .NET
Learn WCF
Learn WPF
Learn ASP.NET
Learn AJAX
Learn Silverlight
Learn Visual Studio
Learn ADO.NET
Learn LINQ
Learn C# (CSharp)
Learn VB.NET
Learn Web Services
Learn Controls
Learn BizTalk
Learn SharePoint
Learn Mobile
Learn SQL
Learn SQL Reporting
Learn Windows Forms
Learn XML
Learn Crystal Reports
Learn FarPoint
Learn DevExpress
Examples
ASP.NET 2.0 Examples

ASP Tutorials
Learn ASP
Learn VBScript
Learn JScript
Learn SQL
Learn XML

Software Resources
Shopping Cart Ecommerce
Charts and Dashboards

Other Resources
Learn Java
Learn Oracle
Opinion / Editorial
Crystal Reports Alliance
WPF Resources
AJAX Resources
Silverlight Resources

Free Tools
Cache Manager
SimpleCMS

Reviews
Book Reviews
Product Reviews
Expert Advice

Books
ASP.NET Developer's Cookbook
Sample Chapters
Book Reviews

Community
Regular Expressions

Print Add To Favorites Email To Friend Rate This Article
Understanding Script Injection Attacks

page 5 of 5

by SANJIT SIL
Feedback

Average Rating:

Views (Total / Last 10 Days): 27422/ 60

Article Contents:

Conclusion

It is clear that script injection is a big concern to the developers and to protect our pages from the hand of hackers we should not consider only request validation, but also should not forget to use HtmlEncode wherever applicable. It should be noted that we can disable request validation on a page-b, we should use proper numeric validation, range validation and avoiding some characters such as "*", "%", "@", or "!" in order to prevent script injection.

« (Page 4)

View Entire Article

User Comments

No comments posted yet.

Product Spotlight

Community Advice: ASP | SQL | XML | Regular Expressions | Windows