stackoom
  简体   繁体   中英

How to find encoded html value in chrome?

 原文  2022-07-15 21:37:21       html/ asp.net-core/ google-chrome/ xss/ html-encode

Question

From Microsoft Docs

The Razor engine used in MVC automatically encodes all output sourced from variables So for the following razor view 

@{
    var untrustedInput = "<\"123\">";
}

@untrustedInput

This view should output the contents of the untrustedInput variable. This variable includes some characters which are used in XSS attacks, namely <, " and >.

So my expectation was browser source code will show the encoded value as: &lt;&quot;123&quot;&gt;

But instead I see the rendered value
在此处输入图像描述

Where would I actually see the encoded value in the browser?

1 answers

solution1
 0  2022-07-15 22:51:24

Sorry I found it. I am looking at the wrong tab. If i open Network->my route->Response Tab. I see the encoded value

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to Find HTML-Encoded Character in JavaScript String? How to parse encoded HTML Setting Value in Javascript with encoded HTML How to check a string is html encoded or not? Find all HTML and non-HTML encoded URLs in string How to render HTML encoded text in SLIM How to handle possibly HTML encoded values in javascript How to embed utf8 encoded html into element How to decode HTML encoded text in MS Access How to display encoded HTML as decoded in MVC 3 Razor?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM