  • 过滤关键字防止XSS攻击

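            /// <summary>
            /// Removes a fixed deny-list of markup from <paramref name="str"/>:
            /// paired <c>style</c>/<c>script</c> elements, a set of named event-handler
            /// attribute names, and <c>iframe</c>/<c>frame</c> tags.
            /// </summary>
            /// <param name="str">Text that may contain HTML; may be null or empty.</param>
            /// <returns>
            /// The filtered text, or <see cref="string.Empty"/> when the input is null or empty.
            /// </returns>
            /// <remarks>
            /// This is a deny-list filter and is not a complete XSS defence: anything not
            /// named in the patterns below passes through unchanged. Treat it as
            /// defence in depth only; encode on output for the target context
            /// (for HTML text, <c>System.Net.WebUtility.HtmlEncode</c>) or use an
            /// allow-list HTML sanitizer for markup that must be kept.
            /// NOTE(review): no regex match timeout is set; consider bounding the input
            /// length at the caller for untrusted data.
            /// </remarks>
            public static string ClearXSS(string str)
            {
                if (string.IsNullOrEmpty(str)) { return string.Empty; }

                const RegexOptions options = RegexOptions.IgnoreCase | RegexOptions.ExplicitCapture | RegexOptions.Singleline;

                string current = str;
                string previous;

                // Repeat the filters until nothing more is removed. A single pass is not
                // enough: deleting a match can join the text on either side of it into a
                // new match that a one-shot replace never rescans. Every filter only
                // deletes characters, so a shorter string is the signal that a pass
                // changed something, and the loop always terminates.
                do
                {
                    previous = current;

                    // Filter CSS expressions and JavaScript: paired <style>/<script> elements
                    // including their content. An opening tag with no closing tag is not matched.
                    current = Regex.Replace(current, @"<(style|script)[^<>]*?>.*?</(style|script)>", string.Empty, options);

                    // Filter JS event names such as onclick="alert('123');". Only the listed
                    // names are removed, and only the name itself: the ="..." remainder stays
                    // in the tag. The match applies anywhere between '<' and the next '>',
                    // so a listed name inside an attribute value is removed as well.
                    // (The original trailing lookahead (?=.*?) always succeeded and is dropped.)
                    current = Regex.Replace(current, @"(?<=<[^>]+?)(onclick|ondatabinding|ondblclick|ondisposed|oninit|onkeydown|onkeypress|onkeyup|onload|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|onprerender|onunload|onerror|onfocus)", string.Empty, options);

                    // Filter iframe|frame opening and closing tags; content between them is kept.
                    current = Regex.Replace(current, @"<(iframe|frame)[^>]*>|</(iframe|frame)>", string.Empty, options);
                }
                while (current.Length < previous.Length);

                return current;
            }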
  • 原文地址:https://www.cnblogs.com/mingjia/p/6044055.html