Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
U
U
User992022-02-25 07:55:11
ASP.NET
User99, 2022-02-25 07:55:11

How to escape user input?

I work in a sheaf ASP.NET Core C#+Dapper
Users are registered in system. Found in the database records like <script>alert('sss')script> and so on.
The question is, should user input be escaped? If yes, how to do it?
using C# or Dapper? can you give some examples?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
V
Vasily Bannikov, 2022-02-25
@vabka

The question is, should user input be escaped? Yes.


If yes, how to do it?
using C# or Dapper?

At the front. Save it to the database as it is, but when you show it to someone, use HTML entity

Similar questions
A
Alexander Zaitsev2016-01-23 00:19:59
What books should a Jun-Mid developer read in ASP.NET MVC? 2Reply
N
Nik Faraday2021-09-09 13:28:52
How to create proper hierarchy in asp.NET Core MVC? 2Reply
E
EElliiaann2020-06-20 17:11:15
ASP.NET Core. Why are records not saved in the database? 0Reply
V
Vaskiv992018-06-12 12:20:46
What library does .net core have to save bytes in video? 1Reply
D
Dinar16232016-01-30 09:11:07
Do you need C# and ASP.NET programmers in freelancing (particularly UpWork)? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question