Cross-Site Scripting

I have a web application mainly written in ASP. How can I prevent my pages like login.asp and other important pages from Cross-site scripting malicious attacks. What precautions should I take ?

View Replies


ADVERTISEMENT

Cross Domain

I have a swf file in one domain and an ASP file in another domain; the swf doesn't not receive the variables form the ASP, how can solve the problem with crossdomain policy?

View Replies View Related

Cross Browser

My code works in IE but not in Netscape. Can someone let me know what should be done in order to view the javascript function also in Netscape. Thanks.
Script:

Quote: <script language="javascript">
function showurl(v){
var layers = document.all.tags("DIV");
layers['show'].style.visibility=v;
}
</script>
Form:

Quote: <input type="radio" name="check1" value="1" onclick="showurl('visible')"> View all Links
<div id="show" style="visibility: hidden;">
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href='http://www.myurl.com'
target="_blank">www.myurl.com</a><br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href='http://www.someurl.com'
target="_blank">www.someurl.com</a>
</div>

View Replies View Related

Cross Language Variables

Can anyone tell me how i can access the value of a variable created in javaScript, within an ASP statement and vice-versa if poss??

View Replies View Related

Cross Domain Cookie? By IP Perhaps?

Anyone know of a way to allow a cookie to be read by multiple domains, or even better a specific IIS server IP? We're looking to track users across multiple domains within our website group.

View Replies View Related

ASP To Cross-domain Access

We have web server A, sitting outside out firewall in the DMZ
Database server (FoxPro) B, sitting inside out firewall
No trusts, seperate domains.

Webserver A, running just ASP (No ASP.NET) needs to access a DB on B, but
just times out
with no error (bottom of page says done).

I have a strong feeling it is because we need to do cross domain pemissions.
I know how to set this up for ASPNET, but not just ASP.

View Replies View Related

Cross Domain Page

anyone know how to include a cross domain page?

eg: www.mydomain.com/index.asp, want to include www.yahoo.com page.

View Replies View Related

How To Write Into A Cross Subdomain Cookie

I manage a site with a normal address like: www.mysite.com
I'm using a cookie to store nicks of my users, with a code like this:
----
Response.Cookies("mycookie").Expires = #January 1, 2030#
Response.Cookies("mycookie").Path = ""
Response.Cookies("mycookie").Secure = FALSE
Response.Cookies("mycookie")("nick") = nick
----

and I'm deleting it, if a user wants so, with:
----
Response.Cookies("mycookie").Expires = #January 1, 2003#
Response.Cookies("mycookie").Path = ""
Response.Cookies("mycookie").Secure = FALSE
Response.Cookies("mycookie")("nick") = ""
Response.Cookies("mycookie") = ""
----
(I know, there's too much stuff in the delete procedure!)

Now I'm going to open some new sections of my site, with subdomain
adresses, like search.mysite.com, shop.mysite.com... and I need that
cookie authentication for the main (www) address is working also in
these subdomains.

I red on the Internet that with the DOMAIN property, I can set my
cookie to make it work for every subdomain, with something like:
----
Response.cookies("mycookie").domain = ".mysite.com"
----

.... and it works!
My problem is when I try to DELETE it: after I set a cookie with
..domain property, it seems to become "read only": any my attempt to
delete (or modify) it seems to be ignored.

Results are the same when I try to write it from the subdomain that
created it (www), or when I try from the "chief" address (mysite.com,
without any subdomain).

Where's my mistake?

View Replies View Related

Cross-Platform Session State

At risk of being flamed for mentioning the N-word here ...

Has anybody yet cracked the knotty problem of sharing Session
state between ASP and ASP.Net sites (within the same domain)?

Last time I looked, the two Session() mechanisms were totally
divorced and separate, making step-by-step conversion of Session
-dependent web sites from ASP to ASP.Net all but impossible.

View Replies View Related

Cross Contamination Of Data Between Forms

I have just taken over an ASP application that has a form whereby the user on entering details submits it, where an administrator approves the form. lately I have been getting calls from people who on opening a Finalsed Form (non-editable) to copy similiar data to the new form, are finding the new form disapearing and the Finalised form taking on the new data.

Being new to ASP, I am assuming this would be a session thing, considering the Form number is held in a session variable, as are many other fileds of the form? Is this a common "break" in ASP - a user opening another copy of a form and ending up with cross-contamineted data? I havent included intracate details as at this stage I wouldnt know what to include without including the whole 20 pages of 1300+ lines of code...

View Replies View Related

Cross Domain Update On The Database

Im in contact with the developer who built the other website and he is being helpful in writing the code on the payment confirmation (which only he has access to).

I need to be able to update my database when an order has been completed (from the confirmation page on the other domain). Can you update an access db from another domain? if so are there any security issues? what, if any, permission do i need to set up ie: on the database or on my domain? what is the code to do this?

View Replies View Related

Passing Variables Cross Domain

I'm wondering if it is possible to have an ASP page that "links" to another ASP page on another domain that is generating variables (in the form of a URL string)?

iframes can connect to the ASP file on another domain, however, I don't know how to access that data in ASP.

View Replies View Related

Cross Server Database Communication

I am trying to find a way to make an asp page on one computer access a database stored on a different computer and perform numerous operations on it. I am unsure if this is possible as up til now I've always used a database in the same folder as my .asp pages. Can anyone provide some insight into this?

View Replies View Related

Create Cross Domain Cookies

What libraries would I need installed, or what configuration to the server is needed, to allow me to set a cookie on 'site1.com' that can be read on site2.com

No log-in, just using a cookie from a form on site 1 (name) and being able to print out their name on site 2, without messy querystrings. Is this possible? I cannot find proof that this is supported.

View Replies View Related

Cross Domain Cookie Handling - No Redirects

Does anyone have a successful experience in using XMLHTTP or ASPtear to read
a cookie on another domain? Can it be done at all using these or similar
technologies or can it only be done using the redirect trick?

View Replies View Related

Building An ASP Site Using Dreamweaver - Can Html Site Be On ASP Server?

I am to build a site onto an ASP server. Anyone here used Dreamweaver and is it just a simple matter of opening up a new ASP page in Dreamweaver and build the site like you would normally do with a HTML page and it will handle the ASP coding accordingly and you can just simply upload it onto an ASP server and it will work?

The site I am to build is basically just a standard html website, but my friend wants me to build it for an ASP server so he has asked me to make sure it is an asp site so I am presuming with the extension .asp

If I build it as a html site to begin with, will converting it to asp be hard. Could I just export my pages into asp or is there more to it?

Can a Html website be loaded and working on an asp server or host?

Is it possible to have a site mixed both html and asp, eg. the home page is html and when you click on shopping cart on the home page it goes to a hopping cart page thats .asp or do they all have to have the same extension.

View Replies View Related

Posting Form Variables From Site A To Site B

I have to pass form data from my site to another organizations site using POST method... how exactly do I do that? Im familiar with how to do it within a single site/domain, and cant use querystring... I dont know where to begin.

View Replies View Related

Site Search Powered By Google Site Map?

Whenever I do a site that is mostly static but with some semi-dynamic
sections, I've struggled to find a good site search solution without
paying for a hosted search service.

I like the FSO-based search engines, but they fail to pick up on some of
the dynamic part.

I was just creating a Google sitemap and it made me wonder: has anyone
created or seen a script that uses the XML Google sitemap to power a
search engine for your own site?

Seems like if you were keeping it updated for Google, why not use it for
your own site?

View Replies View Related

Scripting

The script below does what it i supposed to on a remote server, but when run on my local host, it hangs endlessly. Do I need to do something on my computer to accommodate this ability to create folders?

Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
folder = Server.mapPath("images/rentals") & "/" & Request("l_name")
objFSO.CreateFolder(folder)
Set objFSO = Nothing

View Replies View Related

Scripting

I am trying to get a database working on my site but I am very New to ASP. what I want to do is if ther is a match in a database to automatically sent a msg to the user to say there is a match.

View Replies View Related

Using Scripting

I've got a freebie hosting mirror of my production personal website
(sounds kinda grandiose, doesn't it?) at http://journeys.webhostme.com/.
At the production website I was using Scripting.FileSystemObject to get
the date that the file was last modified and to read/write a counter
text file for the number of hits that the whole site had. The freebie
has a kind of half-ass*d FileSystemObject, but it has no GetFile method.
Is there any way I can accomplish the same things without using the
FileSystemObject, or by using the crippled one?

View Replies View Related

Scripting

This ASP script below is sitting on a Windows 2000 IIS Server Box and the
fldr was pointing to Bradford2 emp which was a Windows 2000 server and
worked great, now I changed the fldr to point to Bradford7 emp which is a
Windows 2003 R2 server. After pointing to Windows 2003 R2 box the
FolderExists(fldr) no longer works. The directory is there and all the
permissions are the same from Bradford2 to Bradford7.
Dim fldr, fso
fldr = "radford7 emp"
Set fso = CreateObject("Scripting.FileSystemObject")
If NOT fso.FolderExists(fldr) Then
' Folder Found
Else
' Folder Not Found
End If

View Replies View Related

Cgi Scripting

I have a form who's action is an ASP page used to verify the form data. If the data passes, it re-directs to a cgi script. Otherwise, it redirects back to the form page and shows the appropriate error messages. The problem, however, is that the data is lost once it goes thru the validation page. It doesn't get sent on to the cgi script, and it doesn't get sent back to the form page if the data validation fails.

What I need to know is how I can pass the values that were entered on to the cgi script or back to the form page after validation. Or, better yet, how to do the validation on the form page itself, and only proceeding to the cgi script (the form's action) if validation passes.

View Replies View Related

FTP Scripting

I have been "hitting the wall with my head" for couple of weeks now, what I need is a way to automatically generate ftp script that will be run when I click the download link on the site that is made using asp technology (not asp.net). How can I do that,can anyone give me some helpfull information ? I am using windows2003 server, with IIS and FTP server set up.

View Replies View Related

ASP Scripting Languages?

I was reading up on ASP for a report and it talked about scripting languages. It also talked about using VBScript or Javascript as a scripting language? What exaclty is a scripting language and why do you have to use it?

View Replies View Related

Client Scripting

The following HTML exists on a page in Internet Explorer v6:

<BODY>
<FORM action="x" method="post" name="Form1">
<INPUT type="hidden" name="key" />
<INPUT type="submit" value="Go" />
</FORM>
</BODY>

What would be the correct VBScript or JavaScript syntax to:
A. Set the value of the key field to "ABC"
B. Submit the form to the server

View Replies View Related

MS Access Scripting

I want to script real-time data FROM financial Web sites TO an MS Access db.
on a PC (no server issues).
Is this possible?If so what should I use ASP VBScript, ASP.NET VB or something else

View Replies View Related

ASP Scripting Technology

Does anyone know if the ASP scripting technology has a support lifecycle at
Microsoft? Is there any information on if/when ASP as an application platform
will no longer be supported by Microsoft? I have a customer that wants to
know if they stay w/ a mission critical ASP based application, will Microsoft
will still provide support (updates, security patches...) for the ASP
technology it is built on.

View Replies View Related

Remote Scripting ASP

I use the RemoteScripting with the rsproxy.class within my asp pages.
I don't have problems except, when the Java console is not active in IE.
Is there a way to detect from asp, if the java console is active or not ?

or, how to do remote scripting without the rsproxy ?

View Replies View Related

ActiveX Scripting

Does anyone know where I can find any good documentation using ActiveX scripting with asp and vbscript? How is ActiveX scripting different than using ADO (ActiveX Data Objects)?

View Replies View Related

Remote Scripting

I have a Web application that uses Remote Scripting to provide dynamic data to a web page.I am testing the application in Internet Explorer 6 SP1 running on Windows XP Professional.
When I use the Microsoft JVM,the application works without any problems.However, as a result of future withdrawal of support of the Microsoft JVM as a result of the settlement with Sun, I need to ensure that the application works okay with the Sun Java plug-in for Internet Explorer.
This component is no longer available,and clicking on the OK button only reiterates this message. When I click on the Cancel button instead, the Remote Scripting functionality fails to work.Is it possible for Remote Scripting to be configured to work with an alternative JVM, such as the Sun Java Plug-In, or is it entirely dependent on the Microsoft version?

View Replies View Related

SCripting.FileSystemObject In ASP

I have written this code in ASP

Dim oFSO
Dim oTempFolder

Set oFSO = Server.CreateObject("Scripting.FileSystemObject")
Set oTempFolder = oFSO.GetSpecialFolder(TemporaryFolder)

Response.Write "<br>Temporary Folder Name is " & oTempFolder.Name
Response.Write "<br>Temporary Folder Path is " & oTempFolder.Path

It hangs forever on the line
Set oTempFolder = oFSO.GetSpecialFolder(TemporaryFolder)

However it works perfectly if I write the same code in VB Application. Can anybody tells me what's wrong in it.

View Replies View Related

Action Scripting

Anyone can help me to create a Text Formating. AS I want that there is a object. I want to write some text in a textbox on Run time. and it displays on the object and if i want to change his font,size or color.

so tell me how its possible. can i get tha code from anybody or from anysite or anyone plz me to do this in Flash with Action Scripting.

View Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved