scripting issue.....
-
Hello friends, The site I am working on, is affected by a malicious script. Actually it is always added at the end of the inline code. If it is a html page, then there will not be problem in opening the page. But if the page is using master page and when it is added at the end on the inline code i.e outside the content tag, then there will be a parser error saying that " Only Content controls are allowed directly in a content page that contains Content controls." Now my question is , Is there any way to block these types of malicious scripts being added in the inline code. I should tell you that I googled a lot and gathered some of the articles from the msdn site showing the security measures to avoid these scripts. I worked accordingly and did all the steps like validating the user input, validating the query string, validate request property in the web.config etc... Also I contacted the server guys. But they are saying that it is coming from the browser i.e they are pointing the arrow towards the coding part. I dont know where I am lacking. Please assist me.
cheers, sneha
-
Hello friends, The site I am working on, is affected by a malicious script. Actually it is always added at the end of the inline code. If it is a html page, then there will not be problem in opening the page. But if the page is using master page and when it is added at the end on the inline code i.e outside the content tag, then there will be a parser error saying that " Only Content controls are allowed directly in a content page that contains Content controls." Now my question is , Is there any way to block these types of malicious scripts being added in the inline code. I should tell you that I googled a lot and gathered some of the articles from the msdn site showing the security measures to avoid these scripts. I worked accordingly and did all the steps like validating the user input, validating the query string, validate request property in the web.config etc... Also I contacted the server guys. But they are saying that it is coming from the browser i.e they are pointing the arrow towards the coding part. I dont know where I am lacking. Please assist me.
cheers, sneha
sneha Choudhary wrote:
Now my question is , Is there any way to block these types of malicious scripts being added in the inline code.
There is obviously a process on your computer that's doing this, buy some good anti virus software and use it.
sneha Choudhary wrote:
Also I contacted the server guys. But they are saying that it is coming from the browser i.e they are pointing the arrow towards the coding part.
Well, I've found that godaddy, for instance, will claim that there is a code issue, no matter how well you can prove it's not true. So, not sure what to say there. They are almost certainly wrong/clueless. If they run the server, they have the virus, simple as that.
Christian Graus Driven to the arms of OSX by Vista. Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
-
Hello friends, The site I am working on, is affected by a malicious script. Actually it is always added at the end of the inline code. If it is a html page, then there will not be problem in opening the page. But if the page is using master page and when it is added at the end on the inline code i.e outside the content tag, then there will be a parser error saying that " Only Content controls are allowed directly in a content page that contains Content controls." Now my question is , Is there any way to block these types of malicious scripts being added in the inline code. I should tell you that I googled a lot and gathered some of the articles from the msdn site showing the security measures to avoid these scripts. I worked accordingly and did all the steps like validating the user input, validating the query string, validate request property in the web.config etc... Also I contacted the server guys. But they are saying that it is coming from the browser i.e they are pointing the arrow towards the coding part. I dont know where I am lacking. Please assist me.
cheers, sneha
-
Hello friends, The site I am working on, is affected by a malicious script. Actually it is always added at the end of the inline code. If it is a html page, then there will not be problem in opening the page. But if the page is using master page and when it is added at the end on the inline code i.e outside the content tag, then there will be a parser error saying that " Only Content controls are allowed directly in a content page that contains Content controls." Now my question is , Is there any way to block these types of malicious scripts being added in the inline code. I should tell you that I googled a lot and gathered some of the articles from the msdn site showing the security measures to avoid these scripts. I worked accordingly and did all the steps like validating the user input, validating the query string, validate request property in the web.config etc... Also I contacted the server guys. But they are saying that it is coming from the browser i.e they are pointing the arrow towards the coding part. I dont know where I am lacking. Please assist me.
cheers, sneha
You have already posted this question earlier. Web browsers cannot modify you master pages or the aspx pages. This is an internal threat and not an external one. It is for sure some virus or trojan that is sitting on your server and doing this mischief. Get some good Anti-virus tool / Security Suite and scan your server.