quarta-feira, 11 de julho de 2012

ASP.NET C# Script Evil Handled

Use the function bellow to handle your evil requests...



        public string scriptEvilReplace(string possibleEvilValue)
        {
            if (Regex.IsMatch(possibleEvilValue, "<(.|\n)*?>"))
                return Server.HtmlEncode(possibleEvilValue);
            else
                return possibleEvilValue;
        }


Try to read this:

http://htmlagilitypack.codeplex.com/

Postar um comentário