清理用户输入库.NET
是否有一个 .Net 库,每个人都用它来验证/清理网站上的用户输入。似乎有很多帖子解释人们使用哪些正则表达式以及何时使用。虽然我确实喜欢经常重新发明轮子,但我会在用户输入时划清界限。
大多数情况下,我并不担心 SQL 注入,而是担心 html 输入和我无法想象的输入。它只会让我脸上露出微笑,因为它像这样工作:
string sanitizedInput = InputSanitizer.SanitizeInput(input, SanitizeOption.RemoveHTML
| SanitizeOption.RemoveSQL);
有人有这样的东西吗? (提前致谢)
Is there a .Net library which everyone uses to validate/cleanup user input from website. It seems like there are a lot of posts explaining which regex people use and when. While I do like to reinvent the wheel quite frequently I draw the line at user input.
Mostly I am not worried about SQL injection, but rather am concerned about html inputs and inputs which I cannot imagine. It would just put a smile on my face for it to work like this:
string sanitizedInput = InputSanitizer.SanitizeInput(input, SanitizeOption.RemoveHTML
| SanitizeOption.RemoveSQL);
Anyone have anything like this? (Thanks in advance)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
最新版本的 AntiXSS 具有 MS 内部使用的 HTML 清理功能。
The latest version of AntiXSS has HTML sanitization functions that MS use internally.
有 xVal:
http://www.codeplex.com/xval
和验证器工具包:
http://mvcvalidatortoolkit.codeplex.com/
There's xVal:
http://www.codeplex.com/xval
and the Validator toolkit:
http://mvcvalidatortoolkit.codeplex.com/