XSS / SQL 注入过滤示例（黑名单方式，待完善）。注意：下面的代码只是基于关键字的黑名单过滤，既会误拦正常输入（例如含有 "and "、"script" 的普通文本），也容易被绕过（用制表符或换行代替关键字后的空格、URL 编码等），不能替代参数化查询和输出编码，只能作为粗略的前置过滤。
1.防止sql注入
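/// <summary>
/// Heuristic check of a user-supplied string for SQL keywords.
/// This is a substring blacklist, NOT a defence against SQL injection: it is
/// bypassed by anything that avoids the exact patterns (e.g. a tab or newline
/// instead of the trailing space every pattern requires), and it rejects
/// ordinary text ("band " contains "and ", a sentence may contain "count ").
/// Use parameterized queries; keep this only as a coarse pre-filter.
/// </summary>
/// <param name="Str">Raw user input; null or whitespace is treated as clean.</param>
/// <returns>true when no pattern was found, false when the input looks like SQL.</returns>
private bool ProcessSqlStr(string Str)
{
    if (string.IsNullOrWhiteSpace(Str))
    {
        return true;
    }

    // Strip comment delimiters first so "sel/**/ect " still collapses to "select ".
    string probe = Str.Replace("/*", "").Replace("*/", "");

    // Same pattern list as before, byte for byte. Every entry carries a trailing
    // space (the separator string is "a |b |c "), and " * " has one on each side.
    string SqlStr = "and |exec |insert |select |delete |update |count | * |chr |mid |master |truncate |char |declare ";
    string[] anySqlStr = SqlStr.Split('|');

    foreach (string pattern in anySqlStr)
    {
        // Ordinal, case-insensitive search instead of ToLower() + culture-aware
        // IndexOf: under e.g. the Turkish culture "INSERT".ToLower() yields
        // "ınsert" (dotless ı), which the old code would have let through.
        if (probe.IndexOf(pattern, StringComparison.OrdinalIgnoreCase) >= 0)
        {
            return false;
        }
    }

    return true;
}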
2.防止xss注入
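/// <summary>
/// Heuristic check of a user-supplied string for script and event-handler
/// markers. This is a substring blacklist, NOT a defence against XSS: "script"
/// also hits "description" or "subscription", while anything not listed
/// ("alert (" with a space, "prompt(", "eval(") goes straight through. The
/// real fix is output encoding (HttpUtility.HtmlEncode / AntiXSS) at render
/// time; keep this only as a coarse pre-filter.
/// </summary>
/// <param name="Str">Raw user input; null or whitespace is treated as clean.</param>
/// <returns>true when no marker was found, false when the input looks like script.</returns>
private bool ProcessXSSStr(string Str)
{
    if (string.IsNullOrWhiteSpace(Str))
    {
        return true;
    }

    // Strip comment delimiters first, same as the SQL filter.
    string probe = Str.Replace("/*", "").Replace("*/", "");

    // Marker list kept byte for byte from the original.
    string[] anyXSSStr =
    {
        "javascript", "vbscript", "script", "alert(", "expression(",
        "onabort", "onactivate", "onafterprint", "onafterupdate", "onbeforeactivate", "onbeforecopy",
        "onbeforecut", "onbeforedeactivate", "onbeforeeditfocus", "onbeforepaste", "onbeforeprint",
        "onbeforeunload", "onbeforeupdate", "onblur", "onbounce", "oncellchange", "onchange", "onclick",
        "oncontextmenu", "oncontrolselect", "oncopy", "oncut", "ondataavailable", "ondatasetchanged",
        "ondatasetcomplete", "ondblclick", "ondeactivate", "ondrag", "ondragend", "ondragenter",
        "ondragleave", "ondragover", "ondragstart", "ondrop", "onerror", "onerrorupdate", "onfilterchange",
        "onfinish", "onfocus", "onfocusin", "onfocusout", "onhelp", "onkeydown", "onkeypress", "onkeyup",
        "onlayoutcomplete", "onload", "onlosecapture", "onmousedown", "onmouseenter", "onmouseleave",
        "onmousemove", "onmouseout", "onmouseover", "onmouseup", "onmousewheel", "onmove", "onmoveend",
        "onmovestart", "onpaste", "onpropertychange", "onreadystatechange", "onreset", "onresize",
        "onresizeend", "onresizestart", "onrowenter", "onrowexit", "onrowsdelete", "onrowsinserted",
        "onscroll", "onselect", "onselectionchange", "onselectstart", "onstart", "onstop", "onsubmit",
        "onunload"
    };

    foreach (string marker in anyXSSStr)
    {
        // Ordinal, case-insensitive search instead of ToLower() + culture-aware
        // IndexOf, so the result does not depend on the thread's current culture
        // (the Turkish dotless-ı case would otherwise bypass e.g. "onclick").
        if (probe.IndexOf(marker, StringComparison.OrdinalIgnoreCase) >= 0)
        {
            return false;
        }
    }

    return true;
}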
3. 对 HTTP 请求进行拦截处理（示例中的 Page_Context、PagePositionContext 等上下文类型请根据实际程序修改）。
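/// <summary>
/// Request-level pre-filter: runs the blacklist checks over form values, the
/// raw request URL and the query string, and redirects to ~/safe_error when
/// anything is flagged. Fix relative to the previous version: the query-string
/// loop read its values from Request.Form instead of Request.QueryString, so
/// query values were never checked. Decoded query values are now also passed
/// through the XSS filter, because the AbsoluteUri check only sees the
/// percent-encoded form (e.g. "scr%69pt" does not contain "script").
/// These filters are heuristics; parameterized queries and output encoding
/// remain the actual defences.
/// </summary>
/// <param name="pageViewContext">Page context exposing the MVC ControllerContext.</param>
/// <param name="positionContext">Unused; kept for the caller's signature.</param>
/// <returns>Always null; a flagged request is redirected and ended instead.</returns>
public System.Web.Mvc.ActionResult Execute(Page_Context pageViewContext, PagePositionContext positionContext)
{
    var http = pageViewContext.ControllerContext.HttpContext;
    var request = http.Request;
    bool reject = false;

    // Form values: SQL pattern check only, as before.
    var form = request.Form;
    if (form != null)
    {
        for (int i = 0; i < form.Keys.Count && !reject; i++)
        {
            string key = form.Keys[i];
            string value = form[key];
            if (!ProcessSqlStr(value))
            {
                reject = true;
            }
        }
    }

    var query = request.QueryString;
    if (!reject && query != null)
    {
        // Raw URL as received (still percent-encoded).
        if (!ProcessXSSStr(request.Url.AbsoluteUri))
        {
            reject = true;
        }

        for (int i = 0; i < query.Count && !reject; i++)
        {
            string key = query.Keys[i];
            // Bug fix: previously Request.Form[key], which is the wrong collection.
            string value = query[key];
            if (!ProcessXSSStr(key) || !ProcessXSSStr(value) || !ProcessSqlStr(value))
            {
                reject = true;
            }
        }
    }

    if (reject)
    {
        // Response.Redirect(url) ends the response by default in System.Web;
        // the explicit End() is kept from the original for clarity.
        http.Response.Redirect("~/safe_error");
        http.Response.End();
    }

    return null;
}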
其他方法:
antixss: http://www.cnblogs.com/coderzh/archive/2010/06/24/1764725.html
https://msdn.microsoft.com/en-us/library/aa973813.aspx