• This topic has 1 reply, 2 voices, and was last updated 9 years ago by Adan.
  • How to deal with cross site scripting threats

    Fierro Member

    I am working on site using C# in ASP.NET. During security audit to to deal with cross site scripting threats ?

  • Adan Member
    LblMsg.Text = HttpUtility.HtmlEncode(msg)

    You need to encode your msg before inserting it into your label. It’s the thing with not trusting user input to your function.

    https://msdn.microsoft.com/en-us/library/73z22y6h(v=vs.110).asp.net for further details.

Viewing 1 reply thread
  • You must be logged in to reply to this topic.
en_USEnglish