XssValidator

_{Namespace: ASPSecurityKit.Xss
Assembly: ASPSecurityKit.dll}

Summary

Implements the IXssValidator to perform detection of XSS injection.

Methods

HasXSSCharacters(s,matchIndex)

Summary

Determines if a string has any potential XSS characters.

Returns

true if some XSS characters were found; otherwise, false.

Parameters

Name	Type	Description
s	System.String	The string to analyze for XSS characters.
matchIndex	System.Int32 (Out)	The index from where the XSS characters were found.

Validate(modelValue,modelName)

Summary

Traverses the properties of the given model recursively and validates string properties and array items for XSS.

Parameters

Name	Type	Description
modelValue	System.Object	The model value.
modelName	System.String	Name of the model.

Exceptions

Type	Description
ASPSecurityKit.Xss.XssDetectedException	When XSS characters are found.

TraverseAndValidate(modelName,modelValue,validated)

Summary

Traverses the properties of the given model recursively and validates string properties for XSS.

Parameters

Name	Type	Description
modelName	System.String	Name of the model.
modelValue	System.Object	The model value.
validated	System.Collections.Generic.HashSet<System.Object>	The objects already validated to avoid infinite recursion.

Exceptions

Type	Description
ASPSecurityKit.Xss.XssDetectedException	When XSS characters are found.

IsAlphabet(c)

Summary

Determines if the specified character is an English letter (a-z) in either lower or upper case.

Returns

true if the specified character is an English letter (a-z) in either lower or upper case; otherwise, false.

Parameters

Name	Type	Description
c	System.Char	The character

Validate(propertyName,value)

Summary

Validates the specified value for XSS.

Parameters

Name	Type	Description
propertyName	System.String	Name of the property.
value	System.String	The value.

Exceptions

Type	Description
ASPSecurityKit.Xss.XssDetectedException	When XSS characters are found.