ASP.NET 脚本过滤 防止跨站脚本攻击
/// <summary>
/// HTML解码
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
public string HtmlDecode(string input)
{
StringBuilder sb = new StringBuilder(
HttpUtility.HtmlDecode(input));
return sb.ToString();
}
/// <summary>
/// HTML编码
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
public string HtmlEncode(string input)
{
StringBuilder sb = new StringBuilder(
HttpUtility.HtmlEncode(input));
//选择性的允许<b> 和 <i>
sb.Replace("<b>", "<b>");
sb.Replace("</b>", "");
sb.Replace("<i>", "<i>");
sb.Replace("</i>", "");
return sb.ToString();
}
相关文档:
//Excel批量导入到数据库
protected void btnUpload_Click(object sender, EventArgs e)
{
string IsXls = System.IO.Path.GetExtension(UploadExcel.FileName.ToString().ToLower ......
1、使用Page.ClientScript.RegisterClientScriptBlock
RegisterClientScriptBlock方法可以把JavaScript函数放在页面的顶部。也就是说,该脚本用于在浏览器中启动页面。
Code
<%@ Page Language="C#" %>
<script runat="server">
protected void Page_Load(object send ......
asp.net自动生成静态页面代码
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
......
http://www.codeproject.com/KB/aspnet/ASPDOTNETPageLifecycle.aspx?msg=3443071#xx3443071xx
ASP.NET application and page life cycle
Introduction
The Two step process
Creation of ASP.NET environment
Process request using MHPM events fired
In What event we should do what?
A sample code for demons ......
原因就是IIS和.net Framework2.0安装顺序反了,因为我先前曾经装过VisualStudio2005,所以系统里先安装了.net Framework2.0,而这样后来装过IIS后,.net Framework未注册相关组件,不能对IIS做出修改,就会出现这种情况!
解决方法:
到C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727中找,有个工具叫 aspnet_regiis.exe ......