i have website without any form in it, we only give information one way to client, but our website got xss attack and the browser can not read css corecly ( i think) , when i test the page in my local machine nothing wrong, all tag in correct position.
How other can inject script if there is no form in the page?
is there any tool for analize runing website or localhot from xss attack? i try xss me from firefox but it can not analize page without form.
i am using cshtml page, how to defend it from xss attack ?
i use 2 domain and 1 sub domain has same copy of the website, but all of them can not run correcly in production server now, even we put it in different server and different IP adrress, it`s only working in my localhost or intranet. any guide to handle this
kind attack ? i try googling but seem can not find one yet.
My website running normal for few month, but 2 days ago the website almost like dont Have any css not in it, only some div in the correct position. None of us touch the website file, then I try to upload fress copy from my backup file, but result still same
( the website almost like can not control by css ) To make sure I download again the file to localhost and intranet, there's no problem with CSS, and website work like what we want. Then i use other computer and use other different IP address and make it live,
with fresh file website .. Within less than 2 second the website become un predicted seems CSS can not control it, I will let you fresh copy of my page and test it in ur machine and I am sure it will work like normally, the problem comes only after I uploaded
it to my domain. I think that is XSS, I hope I am wrong with this...
fredd_and
Member
43 Points
45 Posts
handle xss attack in webmatrix
Jan 09, 2013 03:38 PM|LINK
i have website without any form in it, we only give information one way to client, but our website got xss attack and the browser can not read css corecly ( i think) , when i test the page in my local machine nothing wrong, all tag in correct position.
How other can inject script if there is no form in the page?
is there any tool for analize runing website or localhot from xss attack? i try xss me from firefox but it can not analize page without form.
i am using cshtml page, how to defend it from xss attack ?
i use 2 domain and 1 sub domain has same copy of the website, but all of them can not run correcly in production server now, even we put it in different server and different IP adrress, it`s only working in my localhost or intranet. any guide to handle this kind attack ? i try googling but seem can not find one yet.
thank you
Mikesdotnett...
All-Star
154927 Points
19867 Posts
Moderator
MVP
Re: handle xss attack in webmatrix
Jan 09, 2013 06:43 PM|LINK
You defend against XSS by ensuring that all user input is HTML Encoded when it is written to the browser. This happens by default in Web Pages.
From the description you provide, it doesn't sound like you have been subject ot an XSS attack. Why do you think you have?
Beginning ASP.NET Web Pages with WebMatrix | My Site | Twitter
fredd_and
Member
43 Points
45 Posts
Re: handle xss attack in webmatrix
Jan 10, 2013 12:45 AM|LINK
fredd_and
Member
43 Points
45 Posts
Re: handle xss attack in webmatrix
Jan 10, 2013 01:53 AM|LINK
got it, some news input in other site make our website can be hack by other...
thank you