StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POBuild "exit" page using Classic ASP avoiding major Cross Site Scripting pitfalls
primarykey
Id
231204
data
AcceptedAnswerId
231606
AnswerCount
3
ClosedDate
CommentCount
2
CommunityOwnedDate
CreationDate
2008-10-23T19:51:02.923
FavoriteCount
0
LastActivityDate
2008-10-26T17:32:03.960
LastEditDate
LastEditorUserId
0
OwnerUserId
3349
ParentId
0
PostTypeId
1
Score
0
ViewCount
1786
LastEditorDisplayName
text
Body
I'm working on updating a classic ASP web page used by a number of sub-sites maintained at the company I work for. The purpose of the page is to notify the user that they are leaving "our" site and going to another site. It's basically a disclaimer, but due to resource limitations and time limitations I can't add the disclaimer to every site we manage. This is the crux of the problem. The current code pulls a variable from the query string to create the "continue" link in the new window. This obviously creates many problems in the form of cross site scripting. How do I approach this update to eliminate most (if not all) of the cross site scripting issues using vbScript/ASP. The code I'm using is below. <pre><code><%@ Language = vbScript %> <% Option Explicit %> <% Dim strLink strLink = Request.QueryString("site") strLink = Replace(strLink, "<", "&lt") strLink = Replace(strLink, ">", "&gt;") strLink = Replace(strLink, chr(34), "") strLink = Replace(strLink, "script", "", 1, -1, 1) strLink = Replace(strLink, "onclick", "", 1, -1, 1) strLink = Replace(strLink, "ondblclick", "", 1, -1, 1) strLink = Replace(strLink, "onmousedown", "", 1, -1, 1) strLink = Replace(strLink, "onmouseover", "", 1, -1, 1) strLink = Replace(strLink, "onmousemove", "", 1, -1, 1) strLink = Replace(strLink, "onmouseout", "", 1, -1, 1) strLink = Replace(strLink, "onkeypress", "", 1, -1, 1) strLink = Replace(strLink, "onkeydown", "", 1, -1, 1) strLink = Replace(strLink, "onkeyup", "", 1, -1, 1) strLink = Replace(strLink, "onfocus", "", 1, -1, 1) strLink = Replace(strLink, "onblur", "", 1, -1, 1) strLink = Replace(strLink, "&&", "") strLink = Replace(strLink, "##", "") strLink = Replace(strLink, "&#", "") %> <a href="<%= strLink %>">Continue</a> </code></pre>
Tags
<security><asp-classic><legacy-code><xss>
Title
Build "exit" page using Classic ASP avoiding major Cross Site Scripting pitfalls
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USNip
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
3. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId
1. COIf the link is already on your site, why would you need to sanitize it?
 singulars
 PostPostId
 POBuild "exit" page using Classic ASP avoiding major Cross Site Scripting pitfalls
 UserUserId
 USDiodeus - James MacFarlane
2. COThe problem isn't that the links we add are "bad" it's that we need a gateway page that will accept ANY URL passed in and then provide the needed disclaimer and forward the user along if they continue with the action of leaving the site. (It's a financial site so lot's of disclaimers and legal "stuff" to deal with). So the overall issue is that anyone can pass a URL (or "bad" script) to the page and potentially create an XSS problem.
 singulars
 PostPostId
 POBuild "exit" page using Classic ASP avoiding major Cross Site Scripting pitfalls
 UserUserId
 USNip

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.