ASP Security Functions v1.4 Updated

Submitted on: 10/4/2006 1:35:51 AM
By: James Dougherty  
Level: Intermediate
User Rating: By 3 Users
Compatibility: ASP (Active Server Pages), VbScript (browser/client side)
Views: 11045
UPDATED: Added an SQL injection prevention method, added more documentation, and made a few more minor changes. This code will show you how to prevent header injection, the method GET (only allow POST from a form), unauthorized domain access, and invalid agent access. You see a lot of SQL injection prevention methods and whatnot, but nothing to this level. This is a first on PSC, I believe. If you like it, please leave some feedback and vote.
 
Other User Comments
10/3/2006 8:42:12 AM Mark

Excellent! Thanks for sharing this.

 
10/3/2006 7:31:14 PM James Dougherty

You're welcome and I am glad you liked it.

 
3/12/2011 2:12:34 AM Garth

Not too bad, thanks for sharing. However, it would be better if the SQLInjectionBlock actually returned an "InjectAttempt" flag so the page could be aborted if need be to stop the injector. Otherwise stripping the injection simply accepts a rubbish record anyway.

 
