IIS ASP - Classic asp security question

This is Interesting: Free IT Magazines  
Home > Archive > IIS ASP > February 2007 > Classic asp security question





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Classic asp security question
Atlbike

2007-02-21, 1:18 pm

I would like to know if anyone has ever heard of a security solution
for preventing cross-site scripting attacks in classic asp. ASP.NET
1.1 provided a built in validateRequest feature that throws a security
exception whenever there is a < and > character combination in the
request/forms collection. Does anyone know of a server solution that
you can install on IIS that will provide this same functionality? The
only solution I have come up with is to write a global include file
that handles searching the forms and querystring collection looking
for suspect characters. However, this would require updating many asp
files.

Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com