Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
U
U
User992022-02-25 07:55:11
ASP.NET
User99, 2022-02-25 07:55:11

How to escape user input?

I work in a sheaf ASP.NET Core C#+Dapper
Users are registered in system. Found in the database records like <script>alert('sss')script> and so on.
The question is, should user input be escaped? If yes, how to do it?
using C# or Dapper? can you give some examples?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
V
Vasily Bannikov, 2022-02-25
@vabka

The question is, should user input be escaped? Yes.


If yes, how to do it?
using C# or Dapper?

At the front. Save it to the database as it is, but when you show it to someone, use HTML entity

Similar questions
T
Therapyx2015-07-27 19:53:36
How to remove permanent css focus on multiline textbox? 1Reply
Y
Ytsu Ytsuevich2015-07-27 21:45:17
How to disable Resharper for ASP.NET? 0Reply
T
TimeCoder2017-07-04 23:36:34
How to properly use DTO in real asp.net core WebAPI projects? 1Reply
Y
Ytsu Ytsuevich2015-07-29 00:13:14
Are there big differences between versions of ASP.NET MVC? 3Reply
A
Arseniy Efremov2017-07-07 20:06:37
How suitable is ASP.NET Core for a starter project? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question