开发者

Potentially dangerous Request.Form value - Exception

today I receive multiple (50->*) e-mails regarding:

A potentially dangerous Request.Form value was detected from the client (ctl00$Content$InputSt开发者_如何学Goreet="OzgYPY  <a href="http://effe...").

and

A potentially dangerous Request.Form value was detected from the client (ctl00$Content$InputStreet="GVdtWm  <a href="http://mxif...").

and

...

on one of my websites. In Global I have some code which sends e-mail when exceptions occur.

The IP address the requests come from is not the same. Is my site under some kind of attack?

Best regards, Lasse Espeholt


These kind of attacks are common, we're monitoring several hundred sites for clients and are building a database of these attacks currently.

The fact that ASP.NET protects against these is good. you're 'secure by default'.

Cheers,

Phil.


I think we'd need more detail to be sure but from the message in the email it looks as if someone is entering a value in your Street field that .NET is regarding as dangerous. This could be a number of things, I see from your profile you are form Denmark, are the Street names there likely to contain anything dangerous?

Examples are < and >.

It could just be a really eager user who wants to sign-up? Or a bunch of people from the same area?

What's the context of the site?


It might be a script injection attack, something/some one is trying to update your form InputStreet input field with script. More info about script injection attacks

Further info: Script injection attacks and ASP.NET

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜