XssValidator

Namespace: ASPSecurityKit.Xss
Assembly: ASPSecurityKit.dll

Summary

Implements the IXssValidator to perform detection of XSS injection.

Methods

HasXSSCharacters(s,matchIndex)

Summary

Determines if a string has any potential XSS characters.

Returns

true if some XSS characters were found; otherwise, false.

Parameters
Name Type Description
s System.String The string to analyze for XSS characters.
matchIndex System.Int32 (Out) The index from where the XSS characters were found.

Validate(modelValue,modelName)

Summary

Traverses the properties of the given model recursively and validates string properties and array items for XSS.

Parameters
Name Type Description
modelValue System.Object The model value.
modelName System.String Name of the model.
Exceptions
Type Description
ASPSecurityKit.Xss.XssDetectedException When XSS characters are found.

TraverseAndValidate(modelName,modelValue,validated)

Summary

Traverses the properties of the given model recursively and validates string properties for XSS.

Parameters
Name Type Description
modelName System.String Name of the model.
modelValue System.Object The model value.
validated System.Collections.Generic.HashSet<System.Object> The objects already validated to avoid infinite recursion.
Exceptions
Type Description
ASPSecurityKit.Xss.XssDetectedException When XSS characters are found.

IsAlphabet(c)

Summary

Determines if the specified character is an English letter (a-z) in either lower or upper case.

Returns

true if the specified character is an English letter (a-z) in either lower or upper case; otherwise, false.

Parameters
Name Type Description
c System.Char The character

Validate(propertyName,value)

Summary

Validates the specified value for XSS.

Parameters
Name Type Description
propertyName System.String Name of the property.
value System.String The value.
Exceptions
Type Description
ASPSecurityKit.Xss.XssDetectedException When XSS characters are found.