我有以下控制器代码:
[HttpPost]
public ActionResult Reset(FormCollection form)
{
string[] userName = form.GetValues("username");
Models.HomeModel hm = new Models.HomeModel();
//Check this map exists, as in the user actual exists
//at all.
if (!hm.UserExists(userName[0]))
return View("Index");
if (hm.CheckForExistingLink(userName[0]))
return View("LinkExists");
if (hm.CreateLink(userName[0]))
return View("Success");
else
return View("UnSuccessful");
}
如果用户输入<b>作为用户名,则会引发应用程序错误,防止XSS的最简单方法是什么?我看了一下Sanitizer AntiXSS,但是在将它添加到项目中并看到它在参考中可用后,我仍然无法调用它