xss 漏洞修复室 <script>alert('xss')</script>,应该放在哪?我的站源码如下: 10
<%classtype=request.QueryString("classtype")bigclass=request.QueryString("bigclass")i...
<%
classtype=request.QueryString("classtype")
bigclass=request.QueryString("bigclass")
if bigclass="" then
rs.open "select * from news where ntype='"& classtype &" ' order by id desc",dconn,1,1
bigclass=rs("bigclass")
else
rs.open "select * from news where bigclass='"& bigclass &"' order by id desc",dconn,1,1
end if
%> 展开
classtype=request.QueryString("classtype")
bigclass=request.QueryString("bigclass")
if bigclass="" then
rs.open "select * from news where ntype='"& classtype &" ' order by id desc",dconn,1,1
bigclass=rs("bigclass")
else
rs.open "select * from news where bigclass='"& bigclass &"' order by id desc",dconn,1,1
end if
%> 展开
1个回答
展开全部
<%
classtype=request.QueryString("classtype")
bigclass=request.QueryString("bigclass")
if bigclass="" then
rs.open "select * from news where ntype='"& classtype &" ' order by id desc",dconn,1,1
bigclass=rs("bigclass")
end if
rs.open "select * from news where bigclass='"& bigclass &"' order by id desc",dconn,1,1
%>
<script>alert('xss')</script>
classtype=request.QueryString("classtype")
bigclass=request.QueryString("bigclass")
if bigclass="" then
rs.open "select * from news where ntype='"& classtype &" ' order by id desc",dconn,1,1
bigclass=rs("bigclass")
end if
rs.open "select * from news where bigclass='"& bigclass &"' order by id desc",dconn,1,1
%>
<script>alert('xss')</script>
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
