Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles
(untagged)

Prevent URL from XSS cross site scripting

0.00/5 (No votes)
25 Mar 2012 1  
suppose your url ishttp://www.xyz.com/defaultand some hacker try for hacking the website so type some script text on url

This articles was originally at wiki.asp.net but has now been given a new home on CodeProject. Editing rights for this article has been set at Bronze or above, so please go in and edit and update this article to keep it fresh and relevant.

suppose your url is

http://www.xyz.com/default

and some hacker try for hacking the website so type some script text on url like

http://www.xyz.com/default/<script>alert("xss");</script>

for preventing this types of scripting

use this code inside the web.config file

<httpRuntime requestValidationMode="2.0" />

<customErrors mode="On" defaultRedirect="http://www.msn.com">

</cusomErrors>

//if you try for redirect the url on your domain url (http://www.xyz.com) then give error  so give other url name

//for preventing xss script

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here