Classic asp security question

A

Atlbike

I would like to know if anyone has ever heard of a security solution
for preventing cross-site scripting attacks in classic asp. ASP.NET
1.1 provided a built in validateRequest feature that throws a security
exception whenever there is a < and > character combination in the
request/forms collection. Does anyone know of a server solution that
you can install on IIS that will provide this same functionality? The
only solution I have come up with is to write a global include file
that handles searching the forms and querystring collection looking
for suspect characters. However, this would require updating many asp
files.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,902
Latest member
Elena68X5

Latest Threads

Top