[英]Need JS regular expression for the following string
I need Javascript regular expression for the following Hex string: 我需要以下十六进制字符串的Javascript正则表达式:
fileArg=ABC&Detail=%2d%2d%3e%3c%2f%73%43%72%49%70%54%3e%3c%73%43%72%49%70%54%
20%74%59%70%45%3d%74%45%78%54%2f%76%42%73%43%72%49%70%54%3e%4d%73%67%42%
6f%78%28%31%35%32%36%36%29%3c%2f%73%43%72%49%70%54%3e
The hex part above is the following in ASCII: 上面的十六进制部分是ASCII中的以下内容:
--></sCrIpT><sCrIpT tYpE=tExT/vBsCrIpT>MsgBox(15266)</sCrIpT>
Can you help write a Javascript regular expression which matches the above hex string? 您能否帮助编写与上述十六进制字符串匹配的Javascript正则表达式?
Thanks 谢谢
It looks like something a hacker put together to insert the following line of VBScript into a page : 看起来像是黑客将以下VBScript行插入页面的组合:
<script type=text/vbscript>MsgBox(15266)</script>
Code like that is used to test websites for XSS vulnerabilities . 诸如此类的代码用于测试网站的XSS漏洞 。
You should use server.htmlencode
to filter your query parameters before you do anything else with them (like store them in a database or display them on screen). 在对它们执行其他任何操作之前(例如将它们存储在数据库中或在屏幕上显示),您应该使用server.htmlencode
过滤查询参数。
Further reading : 进一步阅读:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.