ASPX代码加固小结

转载于 2016-08-28 23:46:00 发布 · 118 阅读

0 ·

CC 4.0 BY-SA版权

原文链接：http://www.cnblogs.com/xiaozi/p/5816390.html

文章标签：

#c#

1、replace替换

<%@Page Language="C#"%>

<%
string strID=Request["id"];
strID = strID.Replace("'","");//单引号过滤
//strID==Globals.HtmlEncode(strID)
Response.Write(strID);
%>

2、转换

<%@ Page Language="C#" %>

<%
string strID =Request["id"];
int strID11 = int.Parse(strID);//string 转换为int
//int strID = int.Parse(Request["id"]);
//int strID = Convert.ToInt32(Request["id"]); //将对象转换为int
//string strID = HttpUtility.HtmlEncode(Request["id"]);//Htmlencode处理

int strID = int.Parse(strID);
Response.Write(strID);


%>

转载于:https://www.cnblogs.com/xiaozi/p/5816390.html