Preventing XSS issue while using DataGrid

Expand Post »

Hi,
I am using DataGrid to display the data from the database. I have used the event ItemDataBound to encode the data coming from the database before being displayed in the grid. Is there any other efficient/recommended method to avoid XSS issue while using DataGrid for displaying data from the database?

Thanks,
Umesh D K

Similar Threads

Site security tester - help needed in PHP
Data not showing up in DataGrid in VB.NET
DataGrid with Timer Control in VB.NET
Put data into a DataGrid (ADO, ACCESS, VB6) in Visual Basic 4 / 5 / 6
Edit item event handler issue in ASP.NET

UmeshDK

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

1 posts
since Nov 2009

Permalink

Nov 16th, 2009

Re: Preventing XSS issue while using DataGrid

ASP.NET 2.0 GridView HtmlEncode property of Bound Columns is set to true for security reasons (to prevent xss attacks). I think you are working with 1.1 version.

Take a look at this MSDN article - Take Advantage of ASP.NET Built-in Features to Fend Off Web Attacks

adatapost

Moderator

Reputation Points: 2134

Solved Threads: 1227

Posting Genius

Offline

6,524 posts
since Oct 2008

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in ASP.NET Forum Timeline: Login as different user in asp.net as in sharepoint

Next Thread in ASP.NET Forum Timeline: Problem with website in iis 7

DaniWeb Message

Cancel Changes

User Name
Password