zoukankan html css js c++ java

过滤关键字防止XSS攻击

        public static string ClearXSS(string str)
        {
            string returnValue = str;
            if (string.IsNullOrEmpty(returnValue)) { return string.Empty; }

            ///过滤CSS Expression AND 过滤JavsScript
            returnValue = Regex.Replace(returnValue, @"<(style|script)[^<>]*?>.*?</(style|script)>", string.Empty, RegexOptions.IgnoreCase | RegexOptions.ExplicitCapture | RegexOptions.Singleline);        

            ///过滤JS 事件 如：onclick="alert('123');"
            returnValue = Regex.Replace(returnValue, @"(?<=<[^>]+?)(onclick|ondatabinding|ondblclick|ondisposed|oninit|onkeydown|onkeypress|onkeyup|onload|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|onprerender|onunload|onerror|onfocus)(?=.*?)", string.Empty, RegexOptions.IgnoreCase | RegexOptions.ExplicitCapture | RegexOptions.Singleline);

            //过滤iframe|frame
            returnValue = Regex.Replace(returnValue, @"<(iframe|frame)[^>]*>|</(iframe|frame)>", string.Empty, RegexOptions.IgnoreCase | RegexOptions.ExplicitCapture | RegexOptions.Singleline);   

            return returnValue;
        }

查看全文

相关阅读:
[Violet]天使玩偶/SJY摆棋子
 语音识别终极教程
 语音识别
 转：awesome-lane-detection
转：awesome-object-detection
转：Awesome
转：Awesome Image/Video segmentation
转：目标检测算法总结
 转：10行代码实现物体检测
 转：词向量word2vector那些事儿

原文地址：https://www.cnblogs.com/mingjia/p/6044055.html