
A.NET Optimization: Black Hat SEO with SQL Injection and HTML Injection (1)

Author: Hacker Defense Line Network Security (黑客防线网安) ASP Maintenance Base. Source: Hacker Defense Line Network Security (黑客防线网安) ASP Maintenance Base.


Black hat SEO mainly refers to search engine optimization carried out by "not very ethical" means (let's describe it that way for now!).

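1. Injection attacks, including SQL injection and HTML injection. I often see discussions about defending against SQL injection, but many people do not take HTML injection seriously enough. To demonstrate the effect of HTML injection, we mimic a common guestbook feature.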

First, add two attribute settings to the page declaration: EnableEventValidation="false" ValidateRequest="false". This is essential; readers can try leaving them out to see what happens.

<%@ Page Language="C#" AutoEventWireup="true"  CodeFile="Default.aspx.cs" Inherits="_Default" EnableEventValidation="false" ValidateRequest="false" %>


Then the front-end page markup and the code-behind snippet are as follows:

<asp:TextBox ID="txtInput" runat="server" Height="95px" Width="405px" TextMode="MultiLine"></asp:TextBox>
        <asp:Button ID="btnSubmit" runat="server" Text="Simple Submit"
            onclick="btnSubmit_Click" />
        <asp:Label ID="lblShow" runat="server"></asp:Label>


    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        this.lblShow.Text = this.txtInput.Text;
    }


The program is very simple: it just displays whatever the user entered. Run the code, then enter our malicious code and submit.

<p>Sanitizing <img src=""INVALID-IMAGE" onerror='location.href="http://too.much.spam/"'>!</p>


We find that the page automatically redirects to http://too.much.spam/! This is the so-called "HTML injection". Once the page is rendered to the client, the browser parses it as an ordinary HTML page; when it parses the JS code above……

To prevent this kind of intrusion, the simplest approach in ASP.NET is to HTML-encode the input. Change the code-behind to:

    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        this.lblShow.Text = this.Server.HtmlEncode(this.txtInput.Text);
    }


Now run the code again: the submitted source is shown verbatim on the page and is not executed. Why? Look at the source of the output page:

<span id="lblShow">&lt;p&gt;Sanitizing &lt;img src=&quot;&quot;INVALID-IMAGE&quot; onerror='location.href=&quot;http://too.much.spam/&quot;'&gt;!&lt;/p&gt;</span>

Sorting this out, we find the following mappings:

<  --  &lt;  (less than)
>  --  &gt;  (greater than)
"  --  &quot;   (quotation mark)

So the JS cannot execute, but when the page is displayed we do see the JS content in its original form.

But the problem does not end there. In the real world, besides malicious code, the input may also contain content like the following:

<span style=" color:blue">Black hat</span> SEO mainly refers to search engine optimization carried out by <span style=" color:blue">"not very ethical"</span> means (let's describe it that way for now!).


We want the text to be displayed in blue, but after encoding that is clearly not possible. For this we need more precise filtering. This is also the practical reason why we set EnableEventValidation="false" ValidateRequest="false" earlier.

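Actually, the first approach I thought of was this: first encode the entire content, then replace the HTML tags we allow back in. This is quite safe, but in practice I ran into many problems, which was frustrating~~~ (if anyone has code that implements this, please do share it with everyone).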

I will first introduce another approach:

First, extract the tags, such as <span style=" color:blue">, </span> and <script >; our replacement scope is limited to the content between the tag delimiters < >.

Then obtain all tag names and all attribute names and values; if any prohibited content appears, replace it. Possible forms of malicious code are shown below:

Tag name: <script </script

Attribute inside a tag: <span onclick

Attribute value: <img onerror="javascript:'
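
The encode-first idea mentioned above, applied to the three malicious forms just listed, as an added example (not the author's code): everything is HTML-encoded, then only tags on an allowlist are rebuilt from fixed templates. The names GuestbookSanitizer, Allowed and Sanitize and the allowlist itself are assumptions, and WebUtility.HtmlEncode stands in for the page's Server.HtmlEncode so the code runs outside a page.

```csharp
using System;
using System.Net;
using System.Text.RegularExpressions;

public static class GuestbookSanitizer
{
    // Assumed allowlist for this example: bare lowercase <b>, <i>, <p>, <span>
    // (and their closing tags) plus <span style="color:NAME">. The pattern runs
    // over the *encoded* text, so whatever it does not match stays inert text.
    private static readonly Regex Allowed = new Regex(
        @"&lt;(?:(/?)(b|i|p|span)|span style=&quot;\s*color:\s*([a-z]{3,20})\s*;?\s*&quot;)&gt;",
        RegexOptions.CultureInvariant);

    public static string Sanitize(string input)
    {
        // Step 1: encode everything, so every tag becomes plain text.
        string encoded = WebUtility.HtmlEncode(input ?? string.Empty);

        // Step 2: rebuild allowlisted tags from fixed templates; only the tag
        // name or the letters-only colour keyword is copied from the input.
        return Allowed.Replace(encoded, m => m.Groups[3].Success
            ? "<span style=\"color:" + m.Groups[3].Value + "\">"
            : "<" + m.Groups[1].Value + m.Groups[2].Value + ">");
    }

    public static void Main()
    {
        string[] samples =   // first is the page's payload, the rest are constructed
        {
            "<p>Sanitizing <img src=\"\"INVALID-IMAGE\" onerror='location.href=\"http://too.much.spam/\"'>!</p>",
            "<span style=\" color:blue\">black hat</span> SEO",
            "<span onclick=\"go()\">click</span>",
            "<script>go()</script>",
        };
        foreach (string s in samples)
            Console.WriteLine(Sanitize(s));
    }
}
```

The img, onclick and script tags come out still encoded, while the blue span is restored. The filter does not balance tags, so the third sample leaves a stray </span> in the output.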

Permalink for this article: http://www.rongsen.com.cn/show-14033-1.html
Updated: 2012-03-30 05:24:49