Security issues relating to submitting href links and text:
From: Chipmunk (reply_at_newsgroup.com)
Date: 02/22/04
- Next message: bill: "handling an event for a control embedded in a datalist"
- Previous message: Iain Kirk: "Re: DataSet for DropDownList problem"
- Next in thread: Ken Schaefer: "Re: Security issues relating to submitting href links and text:"
- Reply: Ken Schaefer: "Re: Security issues relating to submitting href links and text:"
- Reply: Eric Lawrence [MSFT]: "Re: Security issues relating to submitting href links and text:"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 22 Feb 2004 18:44:02 -0500
I am currently developing a website (ASP.NET) which allows users to
submit a web form containing a href link in one field and descriptive text
in another field. The records will stored to varchar columns in a SQL Server
2000 database and hosted by a 3rd party ISP. The list of links will then be
made available to other users.
What general security precautions should be taken when developing a
website of this nature? Specifically, I am concerned about the possibility
of malicious SQL or ASP script insertion and it's impact on the web or
database server. I am already using client and server side validation to
restrict the description field to alpha-numeric characters, period and
spaces.
- Next message: bill: "handling an event for a control embedded in a datalist"
- Previous message: Iain Kirk: "Re: DataSet for DropDownList problem"
- Next in thread: Ken Schaefer: "Re: Security issues relating to submitting href links and text:"
- Reply: Ken Schaefer: "Re: Security issues relating to submitting href links and text:"
- Reply: Eric Lawrence [MSFT]: "Re: Security issues relating to submitting href links and text:"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
