public partial class SecretUtil { //正则过滤字符 private const string StrRegex = @"<[^>]+?style=[\w]+?:expression\(|\b(alert|confirm|prompt)\b|^\+/v(8|9)|<[^>]*?=[^>]*?&#[^>]*?>|\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|<\s*img\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)"; /// <summary> /// POST请求 /// </summary> /// <param name="putData">输出非法字符串</param> /// <returns></returns> public static bool PostData(out string putData) { bool result = false; putData = string.Empty; for (int i = 0; i < HttpContext.Current.Request.Form.Count; i++) { result = CheckData(HttpCo
文章来源地址https://www.toymoban.com/news/detail-501390.html
文章来源:https://www.toymoban.com/news/detail-501390.html
到了这里,关于防御诸如跨站脚本攻击XSS)、SQL注入攻击等恶意攻击的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!