On Friday April 1 2005 09:06, Friedrich Gurtler spake:
> Joey Kelly wrote:
> >I'm having trouble fining out how to do mangle string data. Is there a way
> > to use regular expressions with aspx? Or am I barking up the wrong tree?
>
> System.Text.RegularExpressions
>
> >Oh, and are there classes that will help me clean user data, to protect
> >against cross-site scripting, etc? I'm worried about security, naturally.
>
> If you are doing form validation in ASP, you should look at the ASP
> validators (asp:RequiredFieldValidator, asp:RegularExpressionValidator,
> asp:RangeValidator, asp:CustomValidator).
>
> HttpServerUtility.HtmlEncode will HTML encode your user input. (ie,
> transform < into < > into >, etc) Also, by default, if someone
> enters XML / HTML into an input field you get a security exception.
Wow, that's even easier than PHP's way of handling user data. Thanks.
-- Joey Kelly < Minister of the Gospel | Linux Consultant > http://joeykelly.net GPG key fingerprint = 8F11 D859 81A6 DE8C 5429 4A07 7146 1AFD 5C41 161E "I may have invented it, but Bill made it famous." --- David Bradley, the IBM employee that invented CTRL-ALT-DEL
___________________
Nolug mailing list
nolug@nolug.org
This archive was generated by hypermail 2.2.0 : 12/19/08 EST