跨站攻击大多是‘,用replace(request.form("asdfasdf"),"'","")
下面是html去
Asp正则除去找到匹配内容-回所有的查找
使用正则表达式:
电子邮件:w+([-+.]w+)@w+([-.]w+).w+([-.]w+)
HTML:<[^>]*>
<%
Function RemoveReg( strText, Re)'去找到匹配内容
Dim RegEx
Set RegEx = New RegExp
RegEx.Pattern = Re
RegEx.Global = True
RemoveReg = RegEx.Replace(strText, "")
End Function
Function FindReg( strText, Re) '函数返回所有的查找的内容,以“|”号隔开,
Dim RegEx
Set RegEx = New RegExp
RegEx.Pattern = Re
RegEx.Global = True
set aaa = RegEx.Execute(strText)
For Each Match in aaa '遍历匹配集合。
RetStr = RetStr & Match.Value&"|"
Next
FindReg=RetStr
End Function
'测试代码
html1="<html>电子邮件:
[email protected]<a href='asdfasdf'>电子邮件</a>"
response.Write RemoveReg( html1, "<[^>]*>")&"<br>"
response.Write FindReg( html1, "\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*")
%>
参考资料:http://www.qqlxinye.cn/a/ASPjiaocheng/2010/0424/1136.html