Click here to Skip to main content
Click here to Skip to main content

Prevent URL from XSS cross site scripting

, 11 Oct 2013 CPOL
Rate this:
Please Sign up or sign in to vote.
suppose your url is some hacker try for hacking the website so type some script text on url

Editorial Note

This articles was originally at but has now been given a new home on CodeProject. Editing rights for this article has been set at Bronze or above, so please go in and edit and update this article to keep it fresh and relevant.

suppose your url is

and some hacker try for hacking the website so type some script text on url like<script>alert("xss");</script>

for preventing this types of scripting

use this code inside the web.config file

<httpRuntime requestValidationMode="2.0" />

<customErrors mode="On" defaultRedirect="">


//if you try for redirect the url on your domain url ( then give error  so give other url name

//for preventing xss script


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

ASP.NET Community

United States United States
The ASP.NET Wiki was started by Scott Hanselman in February of 2008. The idea is that folks spend a lot of time trolling the blogs, googlinglive-searching for answers to common "How To" questions. There's piles of fantastic community-created and MSFT-created content out there, but if it's not found by a search engine and the right combination of keywords, it's often lost.
The ASP.NET Wiki articles moved to CodeProject in October 2013 and will live on, loved, protected and updated by the community.
Group type: Collaborative Group

428 members

Comments and Discussions

-- There are no messages in this forum --
| Advertise | Privacy | Terms of Use | Mobile
Web04 | 2.8.141220.1 | Last Updated 11 Oct 2013
Article Copyright 2013 by ASP.NET Community
Everything else Copyright © CodeProject, 1999-2014
Layout: fixed | fluid