Not look me, Sorry Just Testing
-
alert('hello');
-
alert('hello');
Yeah, nice try, but script tags are automatically ignored by the rendering engine. Along with a bunch of other HTML tags.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007 -
Yeah, nice try, but script tags are automatically ignored by the rendering engine. Along with a bunch of other HTML tags.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007Is this conversation cover me from cross-site scripting? (Especially in asp.net post forum pages) < to & lt; > to & gt; & to & amp;
-
Is this conversation cover me from cross-site scripting? (Especially in asp.net post forum pages) < to & lt; > to & gt; & to & amp;
From the few keywords in your "question", this belongs in the ASP.NET forum. Though I have no idea what you're saying because your "question" doesn't make any sense.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007 -
From the few keywords in your "question", this belongs in the ASP.NET forum. Though I have no idea what you're saying because your "question" doesn't make any sense.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007Acutually I want to prevent cross-site scripting in asp.net forums. If I want to protect from user input data when user (lamer) enter script in the textbox in asp.net forms. If I get to textbox string and convert the <, >, & symbol to HTMLEncoding in the string. Is this process enough for prevent cross-site scripting?
-
alert('hello');
Go test somewheres else instead of in a forum :mad:
"Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon