Thulasiram pakala

Thulasiram pakala

  • 902
  • 872
  • 116.6k

Prevent Cross site scripting attack in asp.net C#

Mar 28 2019 1:20 AM
this i got app scan error in cross site script error
 
hi any body can give me solution
 
<asp:Label ID="lbl_Name" runat="server" Text='<%#Eval("Uname") %>'></asp:Label>
<asp:GridView ID="GridView1" runat="server" AutoGenerateColumns="False" OnRowCancelingEdit="GridView1_RowCancelingEdit" OnRowEditing="GridView1_RowEditing" OnRowUpdating="GridView1_RowUpdating" OnRowDeleting="GridView1_OnRowDeleting" OnPageIndexChanging="GridView1_PageIndexChanging" Width ="1000px" class="grid"> <Columns> <asp:TemplateField HeaderText="User Name"> <ItemTemplate> <asp:Label ID="lbl_Name" runat="server" Text='<%#Eval("Uname") %>'></asp:Label> </ItemTemplate> <EditItemTemplate> <asp:TextBox ID="txt_Name" runat="server" Text='<%#Eval("Uname") %>'></asp:TextBox> //this is the line vulnerable to XSS</EditItemTemplate> </asp:TemplateField> </Columns>

Answers (2)