Click here to Skip to main content
15,936,709 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hi Everyone,

Could you please let me know how to avoid Script tags in the hidden fields. While loading the page through "POST" Method, some malcious code is inserted into the page and the statement below is displayed in the page.

<input type='Hidden' id-"Hid1" value ="One" /><script>alert("hi");</script>

Please let me know how to avoid Hacking(Post Request)...


Thanks,
Manowj.
Posted
Updated 10-Feb-14 4:33am
v5

1 solution

Check this article
SQL Injection and Cross-Site Scripting[^]

If possible migrate your project to ASP.NET, it'll save lot of headaches.

In Classic ASP you could use Server.HTMLEncode[^]

Search google for more but go with ASP.NET.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900