Prevent URL from XSS cross site scripting

ASP.NET Community

Rate me:

5.00/5 (1 vote)

11 Oct 2013CPOL

6.5K

suppose your url ishttp://www.xyz.com/defaultand some hacker try for hacking the website so type some script text on url

This articles was originally at wiki.asp.net but has now been given a new home on CodeProject. Editing rights for this article has been set at Bronze or above, so please go in and edit and update this article to keep it fresh and relevant.

suppose your url is

http://www.xyz.com/default

and some hacker try for hacking the website so type some script text on url like

http://www.xyz.com/default/<script>alert("xss");</script>

for preventing this types of scripting

use this code inside the web.config file

</cusomErrors>

//if you try for redirect the url on your domain url (http://www.xyz.com) then give error so give other url name

//for preventing xss script

This article was originally posted at http://wiki.asp.net/page.aspx/1766/prevent-url-from-xss-cross-site-scripting

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Written By

ASP.NET Community

United States

The ASP.NET Wiki was started by Scott Hanselman in February of 2008. The idea is that folks spend a lot of time trolling the blogs, ~~googling~~live-searching for answers to common "How To" questions. There's piles of fantastic community-created and MSFT-created content out there, but if it's not found by a search engine and the right combination of keywords, it's often lost.

The ASP.NET Wiki articles moved to CodeProject in October 2013 and will live on, loved, protected and updated by the community.

This is a Collaborative Group

754 members

Prevent URL from XSS cross site scripting

License

Comments and Discussions