473,729 Members | 2,243 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Classic asp security question

I would like to know if anyone has ever heard of a security solution
for preventing cross-site scripting attacks in classic asp. ASP.NET
1.1 provided a built in validateRequest feature that throws a security
exception whenever there is a < and character combination in the
request/forms collection. Does anyone know of a server solution that
you can install on IIS that will provide this same functionality? The
only solution I have come up with is to write a global include file
that handles searching the forms and querystring collection looking
for suspect characters. However, this would require updating many asp
files.

Feb 21 '07 #1
0 1341

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
9611
by: A Ratcliffe | last post by:
Hopefully just a couple of quick quick questions/responses, but its not something I've generally had trouble with in the past. Unfortunately, I need answers ASAP if anyone is available to help. a) Having seen .NET's IsPostBack which solves many problems, I looked at the ServerVariables etc to see what I could check to confirm PostBack in classic ASP. I initially considered using HTTP_REFERER to check it was coming from my form, and then...
99
6216
by: Jim Hubbard | last post by:
It seems that Microsoft not only does not need the classic Visual Basic developer army (the largest army of developers the world has ever seen), but now they don't need ANY Windows developer at a small or mid-sized business. http://groups-beta.google.com/group/microsoft.public.msdn.general/browse_thread/thread/9d7e8f9a00c1c7da/459ca99eb0e7c328?q=%22Proposed+MSDN+subscription+changes%22&rnum=1#459ca99eb0e7c328 Damn! To be that...
3
1915
by: Web Webon | last post by:
Hi everybody! I wonder if this is possible? I need to determine if a client is using "windows classic folders" or anything else. If I instantiate a Shell ActiveX object is there a way of obtaining this information from javascript? (I know that the user will get prompted about allowing such an operation, but I am willing to live with this). Because of the way one of my pages work, I need to know this information in order to "cover up"...
2
1610
by: Rob Shorney | last post by:
Hi, We currently have a classic asp web application. We are currently looking at upgrading this to ASP.NET. However I have a couple of problems that need to be resolved. 1. aspx forms always post back to themselves. how do I get it to post to another web page.
3
2148
by: bill | last post by:
I need to open a asp.net web form from a classic asp page, and pass a username and password to the asp.net page. The username and password exist as session variables in the classic asp application. I can't put the password in the classic asp page form as a hidden field and submit it, because someone can view source and see the password. This is a security problem I encounter in a mixed classic asp and asp.net environment. I don't...
5
2957
by: Velvet | last post by:
Can someone tell me to what process I need to attach to be able to step through my classic ASP code in VS.net 2003. I'm working on an XP box with IIS installed. I also have VS.net 2005 (The final, never installed beta) installed on this box if it makes a difference (I did not install VS Development Web Server as I'm already using the XP web server). I've seen that I need to attach to the native IIS engine, but I don't know what it's...
0
943
by: Atlbike | last post by:
I would like to know if anyone has ever heard of a security solution for preventing cross-site scripting attacks in classic asp. ASP.NET 1.1 provided a built in validateRequest feature that throws a security exception whenever there is a < and character combination in the request/forms collection. Does anyone know of a server solution that you can install on IIS that will provide this same functionality? The only solution I have come up...
7
2157
by: tanya.wang | last post by:
I have a system written in classic asp and a lot of Javascript. Due to its performance and security issue, we decided to re-write this big module. I heard that C/C++ has a better support in performance and security (relatively) but here comes my questions: 1. Can ASP talk to C/C++? Because from my experience I use C/C++ mainly for application console. 2. If I want to exclude most of the Javascript and use other programming language...
11
3332
by: Jan T. | last post by:
I wonder if anybody know a web site that has a good tutorial on this subject. What I want to do, is make a log in Page, and make sure that all my pages is validating that the user is loged in until he or she logs out. May be someone would like to give an example in this news group too? Thank you for any help! BTW, I am using Access 2000 and classic ASP.
0
8761
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
9280
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
1
9200
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
9142
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
8144
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
1
6722
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
6016
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
1
3238
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
3
2162
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.