Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Help Groups for Snitz Forums 2000 Users
 Help: General / Classic ASP versions(v3.4.XX)
 scripting		  New Topic  Topic Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

DarkDrift
Junior Member

USA
126 Posts
Posted - 12 January 2005 :  11:53:43  Show Profile  Visit DarkDrift's Homepage  Send DarkDrift an AOL message
What is stopping the users from entering malicious ASP code in the reply boxes?
like if they were to write
%><%Response.Write("AHHHHH")%><%
Why doesn't that "Actually" work?
http://www.xcalliber.com - The Future of Boards

Shaggy
Support Moderator

Ireland
6780 Posts
Posted - 12 January 2005 :  12:13:56  Show Profile
Because, even if there were no checks to replace < and > with &lt; and &gt;, that code would not be executed on the server but written straight to screen as HTML.
Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.”
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20584 Posts
Posted - 12 January 2005 :  12:29:30  Show Profile  Visit HuwR's Homepage
the input is checked to ensure no malicious code can be entered
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.47 seconds. Powered By: Snitz Forums 2000 Version 3.4.07