asp.net中sql过滤和xss过滤函数参考
[ 2011-01-13 09:49:09 | 作者: admin ]
/// <summary>
///sql和xss脚本过滤
/// </summary>
/// <param name="input">传入字符串</param>
/// <returns>过滤后的字符串</returns>
public static string FilterSqlXss(string objStr)
{
return FilterXSS(FilterSql(objStr));
}
/// <summary>
/// 过滤sql攻击脚本
/// </summary>
/// <param name="input">传入字符串</param>
/// <returns>过滤后的字符串</returns>
public static string FilterSql(string objStr)
{
string strXSS = "|',''|shell,s hell|cmd,c md|alter,a lter|drop,d rop|union,u nion|exec,e xec|declare,d eclare|delete,d elete|create,c reate|update,u pdate|insert,i nsert|select,s elect|dbo.,d bo.|--,--|\\(,(|\\),)|";
objStr = ReplaceString(objStr,strXSS);
return objStr;
}
/// <summary>
/// 过滤xss攻击脚本
/// </summary>
/// <param name="input">传入字符串</param>
/// <returns>过滤后的字符串</returns>
public static string FilterXSS(string html)
{
if (html==null) return "";
// CR(0a) ,LF(0b) ,TAB(9) 除外,过滤掉所有的不打印出来字符.
// 目的防止这样形式的入侵 <java\0script>
// 注意:\n, \r, \t 可能需要单独处理,因为可能会要用到
string ret = System.Text.RegularExpressions.Regex.Replace(
html, "([\x00-\x08][\x0b-\x0c][\x0e-\x20])", string.Empty);
//替换所有可能的16进制构建的恶意代码
//<IMG SRC=@avascript
//:a&_#X6Cert('XSS')>
string chars = "abcdefghijklmnopqrstuvwxyz"+
"ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"+
"!@#$%^&*()~`;:?+/={}[]-_|'\"\\";
for (int i = 0; i < chars.Length; i++)
{
ret =
System.Text.RegularExpressions.Regex.Replace(ret,
string.Concat("(&#[x|X]0{0,}",
Convert.ToString((int)chars[i], 16).ToLower(),
";?)"),
chars[i].ToString(),
System.Text.RegularExpressions.RegexOptions.IgnoreCase);
}
//过滤\t, \n, \r构建的恶意代码
string[] keywords = {"javascript", "vbscript", "expression",
"applet", "meta", "xml", "blink", "link", "style",
"script", "embed", "object", "iframe", "frame",
"frameset", "ilayer", "layer", "bgsound", "title",
"base" ,"onabort", "onactivate", "onafterprint",
"onafterupdate", "onbeforeactivate", "onbeforecopy",
"onbeforecut", "onbeforedeactivate", "onbeforeeditfocus",
"onbeforepaste", "onbeforeprint", "onbeforeunload",
"onbeforeupdate", "onblur", "onbounce", "oncellchange",
"onchange", "onclick", "oncontextmenu", "oncontrolselect",
"oncopy", "oncut", "ondataavailable", "ondatasetchanged",
"ondatasetcomplete", "ondblclick", "ondeactivate",
"ondrag", "ondragend", "ondragenter", "ondragleave",
"ondragover", "ondragstart", "ondrop", "onerror",
"onerrorupdate", "onfilterchange", "onfinish",
"onfocus", "onfocusin", "onfocusout", "onhelp",
"onkeydown", "onkeypress", "onkeyup", "onlayoutcomplete",
"onload", "onlosecapture", "onmousedown", "onmouseenter",
"onmouseleave", "onmousemove", "onmouseout", "onmouseover",
"onmouseup", "onmousewheel", "onmove", "onmoveend",
"onmovestart", "onpaste", "onpropertychange",
"onreadystatechange", "onreset", "onresize",
"onresizeend", "onresizestart", "onrowenter",
"onrowexit", "onrowsdelete", "onrowsinserted",
"onscroll", "onselect", "onselectionchange",
"onselectstart", "onstart", "onstop", "onsubmit",
"onunload"};
bool found = true;
while (found)
{
string retBefore = ret;
for (int i = 0; i < keywords.Length; i++)
{
string pattern = "/";
for (int j = 0; j < keywords[i].Length; j++)
{
if (j > 0)
pattern = string.Concat(pattern,
'(', "(&#[x|X]0{0,8}([9][a][b]);?)?",
"|(�{0,8}([9][10][13]);?)?",
")?");
pattern = string.Concat(pattern, keywords[i][j]);
}
string replacement =
string.Concat(keywords[i].Substring(0, 2),
"<x>", keywords[i].Substring(2));
ret =
System.Text.RegularExpressions.Regex.Replace(ret,
pattern, replacement,
System.Text.RegularExpressions.RegexOptions.IgnoreCase);
if (ret == retBefore)
found = false;
}
}
return ret;
}
评论Feed: http://blog.xg98.com/feed.asp?q=comment&id=1627
这篇日志没有评论。
此日志不可发表评论。
