XSS 漏洞修复，待完善

1. 防止 SQL 注入

 

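 /// <summary>
        /// Substring patterns that cause <see cref="ProcessSqlStr"/> to reject input.
        /// The trailing spaces are significant: "select " matches "select name" but not "selected".
        /// </summary>
        private static readonly string[] s_sqlPatterns =
        {
            "and ", "exec ", "insert ", "select ", "delete ", "update ", "count ",
            " * ", "chr ", "mid ", "master ", "truncate ", "char ", "declare ",
        };

        /// <summary>
        /// Screens a submitted string for a fixed list of SQL keyword fragments.
        /// This is a blacklist heuristic only: it does not parse SQL and is not a
        /// substitute for parameterized queries, which remain the actual defense
        /// against injection. Matching is plain substring search, so ordinary text
        /// that happens to contain a pattern (e.g. "rock and roll") is rejected too.
        /// </summary>
        /// <param name="Str">User-submitted data; null or whitespace-only input is treated as safe.</param>
        /// <returns>true when none of the patterns is found, false as soon as one is.</returns>
        private static bool ProcessSqlStr(string Str)
        {
            if (string.IsNullOrWhiteSpace(Str))
            {
                return true;
            }

            // Remove block-comment delimiters first so they cannot break a keyword
            // into two harmless-looking halves (same normalization as before).
            string normalized = Str.Replace("/*", "").Replace("*/", "");

            foreach (string pattern in s_sqlPatterns)
            {
                // Ordinal, case-insensitive search: the original ToLower()/IndexOf pair
                // depended on the current culture, so the result could differ between
                // servers; this comparison is deterministic and allocates no lowered copy.
                if (normalized.IndexOf(pattern, StringComparison.OrdinalIgnoreCase) >= 0)
                {
                    return false;
                }
            }

            // The former try/catch was dead code: nothing above can throw for a non-null string.
            return true;
        }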

 

2. 防止 XSS 注入

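   /// <summary>
        /// Substring patterns that cause <see cref="ProcessXSSStr"/> to reject input:
        /// script-related tokens plus a list of legacy HTML event-handler attribute names.
        /// </summary>
        private static readonly string[] s_xssPatterns =
        {
            "javascript", "vbscript", "script", "alert(", "expression(",
            "onabort", "onactivate", "onafterprint", "onafterupdate", "onbeforeactivate", "onbeforecopy", "onbeforecut",
            "onbeforedeactivate", "onbeforeeditfocus", "onbeforepaste", "onbeforeprint", "onbeforeunload", "onbeforeupdate", "onblur",
            "onbounce", "oncellchange", "onchange", "onclick", "oncontextmenu", "oncontrolselect", "oncopy", "oncut",
            "ondataavailable", "ondatasetchanged", "ondatasetcomplete", "ondblclick", "ondeactivate", "ondrag", "ondragend", "ondragenter",
            "ondragleave", "ondragover", "ondragstart", "ondrop", "onerror", "onerrorupdate", "onfilterchange", "onfinish",
            "onfocus", "onfocusin", "onfocusout", "onhelp", "onkeydown", "onkeypress", "onkeyup", "onlayoutcomplete", "onload",
            "onlosecapture", "onmousedown", "onmouseenter", "onmouseleave", "onmousemove", "onmouseout", "onmouseover", "onmouseup",
            "onmousewheel", "onmove", "onmoveend", "onmovestart", "onpaste", "onpropertychange", "onreadystatechange",
            "onreset", "onresize", "onresizeend", "onresizestart", "onrowenter", "onrowexit", "onrowsdelete", "onrowsinserted",
            "onscroll", "onselect", "onselectionchange", "onselectstart", "onstart", "onstop", "onsubmit", "onunload",
        };

        /// <summary>
        /// Screens a string for a fixed list of script/event-handler tokens.
        /// This is a blacklist heuristic on the raw text: the input is not URL- or
        /// HTML-decoded before matching, and the list is not exhaustive, so it does
        /// not replace context-aware output encoding as the actual XSS defense.
        /// Matching is plain substring search, which also rejects ordinary words
        /// such as "description" (it contains "script").
        /// </summary>
        /// <param name="Str">Text to screen; null or whitespace-only input is treated as safe.</param>
        /// <returns>true when none of the patterns is found, false as soon as one is.</returns>
        private static bool ProcessXSSStr(string Str)
        {
            if (string.IsNullOrWhiteSpace(Str))
            {
                return true;
            }

            // Same normalization as the SQL check: drop block-comment delimiters
            // so they cannot split a token.
            string normalized = Str.Replace("/*", "").Replace("*/", "");

            foreach (string pattern in s_xssPatterns)
            {
                // Culture-independent comparison replaces the culture-sensitive
                // ToLower()/IndexOf pair; the result no longer depends on server locale.
                if (normalized.IndexOf(pattern, StringComparison.OrdinalIgnoreCase) >= 0)
                {
                    return false;
                }
            }

            // The former try/catch was dead code: nothing above can throw for a non-null string.
            return true;
        }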

 

3. 对 HTTP 请求进行拦截处理，上下文根据程序进行修改

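 /// <summary>
        /// Request filter: screens form values, the absolute request URL and the
        /// query-string keys and values with <see cref="ProcessSqlStr"/> and
        /// <see cref="ProcessXSSStr"/> before the page runs. On the first rejected
        /// value the client is redirected to ~/safe_error and the response is ended;
        /// otherwise null is returned so normal processing continues.
        /// Form values are screened for SQL patterns only, not for XSS patterns.
        /// </summary>
        /// <param name="pageViewContext">Supplies the controller/HTTP context whose request is screened.</param>
        /// <param name="positionContext">Not read by this method.</param>
        /// <returns>Always null; a rejected request never reaches a normal return because Response.End() terminates it.</returns>
        public System.Web.Mvc.ActionResult Execute(Page_Context pageViewContext, PagePositionContext positionContext)
        {
            var request = pageViewContext.ControllerContext.HttpContext.Request;
            var response = pageViewContext.ControllerContext.HttpContext.Response;

            // One rejection path for every check so the redirect target cannot drift.
            // Response.End() stops the request pipeline; the explicit return after each
            // call only documents that nothing further is meant to run.
            System.Action reject = () =>
            {
                response.Redirect("~/safe_error");
                response.End();
            };

            if (request.Form != null)
            {
                foreach (string key in request.Form.AllKeys)
                {
                    if (!ProcessSqlStr(request.Form[key]))
                    {
                        reject();
                        return null;
                    }
                }
            }

            if (request.QueryString != null)
            {
                // The full URL is checked once; query-string values are therefore
                // covered by the XSS check here and by the SQL check per key below.
                if (!ProcessXSSStr(request.Url.AbsoluteUri))
                {
                    reject();
                    return null;
                }

                foreach (string key in request.QueryString.AllKeys)
                {
                    if (!ProcessXSSStr(key))
                    {
                        reject();
                        return null;
                    }

                    // Bug fix: the original looked the query-string key up in Request.Form,
                    // so query-string values were never actually screened for SQL patterns.
                    if (!ProcessSqlStr(request.QueryString[key]))
                    {
                        reject();
                        return null;
                    }
                }
            }

            return null;
        }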

 

其他方法:

AntiXSS:      http://www.cnblogs.com/coderzh/archive/2010/06/24/1764725.html

                 https://msdn.microsoft.com/en-us/library/aa973813.aspx
