6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Cross-site scripting validation for VB.NET\",\"text\":\"

Why I am getting cross-site scripting?

\\n\\n

document.getElementById('<%= (HttpUtility.HtmlEncode(txt.sampleID)) %>').disabled = true\\n

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"steve\"},\"upvoteCount\":0,\"answerCount\":1,\"acceptedAnswer\":null}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","asp.net",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/asp.net/1","children":"asp.net"}]}],["$","span","vb.net",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/vb.net/1","children":"vb.net"}]}],["$","span","xss",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/xss/1","children":"xss"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/9080ddfbf11475f2c80b2d7a85047fad?s=256&d=identicon&r=PG&f=y&so-version=2","alt":"steve","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/11100908/steve","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"steve"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",1]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Cross-site scripting validation for VB.NET"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

Why I am getting cross-site scripting?

\n\n

document.getElementById('<%= (HttpUtility.HtmlEncode(txt.sampleID)) %>').disabled = true\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",0]}],["$","p",null,{"children":["Views: ",368]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",1,")"]}],[["$","div","54942595",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://lh5.googleusercontent.com/-NyVQwSvWzKQ/AAAAAAAAAAI/AAAAAAAAKIw/K5i0wJYtVro/photo.jpg?sz=256","alt":"Javier Ergui Blašković","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/8980698/javier-ergui-bla%c5%a1kovi%c4%87","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Javier Ergui Blašković"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",244]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

I'm not sure why is it still showing as XSS vulnerability but you could also sanitize ClientID, like for example if its a number just cast it to an integer.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",1]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","75072077",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/75072077","className":"text-blue-600 hover:underline","children":"Cross Site Scripting (XSS) Prevention on C#"}]}],["$","li","52052565",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/52052565","className":"text-blue-600 hover:underline","children":"Vulnerability scanner for asp.net flags cross site scripting"}]}],["$","li","28704071",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/28704071","className":"text-blue-600 hover:underline","children":"htmltextwriter and cross site scripting"}]}],["$","li","21900022",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/21900022","className":"text-blue-600 hover:underline","children":"Cross site scripting possibility?"}]}],["$","li","17503335",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/17503335","className":"text-blue-600 hover:underline","children":"Cross-site scripting and ASP.NET"}]}],["$","li","8437528",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/8437528","className":"text-blue-600 hover:underline","children":"HttpRequestValidationException and cross-site scripting XSS"}]}],["$","li","8357719",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/8357719","className":"text-blue-600 hover:underline","children":"Protecting my self from cross-site scripting"}]}],["$","li","7908148",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/7908148","className":"text-blue-600 hover:underline","children":"XSS mitigation in HTML/VBScript/Classic ASP"}]}],["$","li","5874330",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/5874330","className":"text-blue-600 hover:underline","children":"How to avoid Cross site scripting in ASP.NET"}]}],["$","li","1406063",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/1406063","className":"text-blue-600 hover:underline","children":"Microsoft Anti-Cross Site Scripting Library"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Cross-site scripting validation for VB.NET

Answers (1)

Related Questions