preventing malicious user input

S

Stimp

I have an input field, which will ultimately be stored in a database
and the contents of which will be output on screen at some stage.

ASP.NET has built-in functionality to prevent users inputing values
such as "<script>", etc, to call malicious code, but I'd prefer to back
this up with my own input validation.

I'll deny < and > characters on input.. any other
strings/characters to look for?

Thanks!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ASP.net (vb.net) session query - preventing a user from accessing apage while another user is viewin 2
PostbackUrl property issues after preventing user from posting asp.net page 2
Creating user input Search with 3rd party search engines 0
escaping/stripping all user HTML input 1
User Input Validation 2
I need help in understanding these files on my phone, Could someone help me understand these files? Urgent help needed. Please help. 1
Ignore F1-F12 keys when user enters text input on console 3
Preventing assigning pointer to variable from temporary which out ofscope 1

Members online

No members online now.
Total: 26 (members: 0, guests: 26)
Robots: 332

Forum statistics

Threads
473,755
Messages
2,569,536
Members
45,009
Latest member
GidgetGamb

Latest Threads

Top