单击按钮后的URL正则表达式

时间:2015-01-30 05:31:07

标签: c# asp.net regex

我有想要验证某些恶意脚本的场景。我希望每当URL获得像<~script>这样的内容时,它就会重定向到错误页面。

搜索代码: - 

dv.RowFilter = "Description LIKE ('%" + Request.QueryString["tx"].Trim().ToLower() + "%') or Title LIKE ('%" + Request.QueryString["tx"].Trim().ToLower() + "%')";
    dv.Sort = "Title ASC";
    dgrdPages.DataSource = dv;
    dgrdPages.DataBind();
    lblSearchWords.Text = Request.QueryString["tx"].ToString();
    lblFilesFound.Text = dv.Count.ToString();

1 个答案:

答案 0 :(得分:0)

在Python中

import re
text = 'http://localhost:54149/RBLBank/search.aspx?tx=test<~script>'
text2='http://localhost:54149/RBLBank/search.aspx?tx=test'
m = re.search('(<~script>.*)', text)
n = re.search('(<~script>.*)', text2)
if m:
    found = m.group(1)
    print found," found"
else:
    print "URL is safe"

if n:
    found = n.group(1)
    print found," found"
else:
    print "URL is safe"
相关问题
最新问题