網站跨站點腳本,Sql注入等攻擊的處理
從360安全論壇裏找到的一段代碼,經過整理封裝,在站點Global.asax的Application_BeginRequest中調用,或寫一個HttpModule來攔截惡意請求即可。需要注意:這只是一份基於正則的黑名單,只列出了少數標籤與SQL關鍵字(例如帶onerror/onload事件屬性的其他標籤並不在名單內),容易被繞過,只能作為攔截常見掃描器的輔助手段,不能代替參數化SQL查詢和輸出編碼。
https://bbs.webscan.360.cn/forum.php?mod=viewthread&tid=711&page=1&extra=#pid1927
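using System;
using System.Collections.Specialized;
using System.Text.RegularExpressions;
using System.Web;

/// <summary>
/// Request-level signature filter for common XSS and SQL-injection probes,
/// adapted from https://bbs.webscan.360.cn/forum.php?mod=viewthread&tid=711&page=1&extra=#pid1927
/// Call <see cref="Procress"/> from Application_BeginRequest (or from an IHttpModule).
/// Inspected on every request:
///   1. cookie names and values
///   2. the raw request URL
///   3. the Referer header
///   4. form (POST body) names and values
///   5. query-string names and values
/// A request that matches any signature is answered with a 403 and a short HTML notice.
///
/// This is a regular-expression blacklist. It is a tripwire that stops the noisiest
/// scanners, not a security boundary: it can be bypassed and it does not replace
/// parameterised SQL and context-aware output encoding.
/// </summary>
public class Safe360
{
    /// <summary>HTML body returned to the client when a request is rejected.</summary>
    private const string ErrMsg = "<div style='position:fixed;top:0px;width:100%;height:100%;background-color:white;color:green;font-weight:bold;border-bottom:5px solid #999;'><br>您的提交帶有不合法參數,謝謝合作!<br><br>了解更多請點擊:<a href='https://webscan.360.cn'>360網站安全檢測</a></div>";

    /// <summary>
    /// Signature list, kept verbatim from the original: CSS expression(), alert/confirm/prompt,
    /// a UTF-7 BOM at the start of the value, numeric entities inside tag attributes,
    /// and/or tautologies, block comments, script and img tags, and SQL DML/DDL keyword pairs.
    /// </summary>
    private const string StrRegex = @"<[^>]+?style=[\w]+?:expression\(|\b(alert|confirm|prompt)\b|^\+/v(8|9)|<[^>]*?=[^>]*?&#[^>]*?>|\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|<\s*img\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";

    /// <summary>
    /// Compiled once per AppDomain.
    /// IgnoreCase is essential: the original matched case-sensitively, so the upper-case
    /// SQL keywords could never fire on cookie values (which were lower-cased first) and
    /// mixed-case payloads such as "uNiOn sElEcT" passed every check.
    /// The match timeout bounds the work the lazy ".+?" alternatives can do on a large
    /// body; the three-argument constructor needs .NET 4.5+ (drop the TimeSpan on older targets).
    /// </summary>
    private static readonly Regex SignatureRegex =
        new Regex(StrRegex, RegexOptions.IgnoreCase | RegexOptions.Compiled, TimeSpan.FromSeconds(1));

    /// <summary>
    /// Runs every check against the current request and terminates the response with
    /// <see cref="ErrMsg"/> when any of them matches. Does nothing outside a request.
    /// The name is a historical typo kept for existing callers; <see cref="Process"/> is the alias.
    /// </summary>
    public static void Procress()
    {
        HttpContext context = HttpContext.Current;
        if (context == null)
        {
            return;
        }

        HttpRequest request = context.Request;

        // Form and QueryString are both read regardless of the HTTP verb. The original
        // read QueryString only on GET, so a POST carrying a URL-encoded payload in its
        // query string slipped through: RawUrl is inspected in its still-encoded form,
        // while QueryString yields the decoded values.
        //
        // The Referer is taken as the raw header rather than Request.UrlReferrer: the
        // latter parses the value into a Uri and can throw on a malformed header, which
        // would turn this filter into a client-triggerable 500.
        //
        // NOTE(review): with ASP.NET request validation enabled, reading Form/QueryString
        // here may itself throw HttpRequestValidationException before the signature check
        // runs; the original had the same property - confirm against the site's requestValidationMode.
        bool blocked = IsMalicious(request.RawUrl)
            || AnyMaliciousCookie(request.Cookies)
            || IsMalicious(request.Headers["Referer"])
            || AnyMalicious(request.QueryString)
            || AnyMalicious(request.Form);

        if (blocked)
        {
            Reject(context.Response);
        }
    }

    /// <summary>Correctly spelled alias of <see cref="Procress"/>.</summary>
    public static void Process()
    {
        Procress();
    }

    /// <summary>
    /// Pure signature check, independent of HttpContext so the pattern list can be unit-tested.
    /// </summary>
    /// <param name="inputData">Value to test; null or empty is never malicious.</param>
    /// <returns>true when the value matches any signature, or when matching timed out (fail closed).</returns>
    public static bool IsMalicious(string inputData)
    {
        if (string.IsNullOrEmpty(inputData))
        {
            return false;
        }

        try
        {
            return SignatureRegex.IsMatch(inputData);
        }
        catch (RegexMatchTimeoutException)
        {
            // A value that takes over a second to scan is itself suspicious; rejecting it
            // is cheaper than letting a crafted body tie up a worker thread.
            return true;
        }
    }

    /// <summary>Tests every name and value of a form or query-string collection.</summary>
    private static bool AnyMalicious(NameValueCollection values)
    {
        if (values == null)
        {
            return false;
        }

        for (int i = 0; i < values.Count; i++)
        {
            // Parameter names are attacker-controlled too; the original looked only at values.
            if (IsMalicious(values.GetKey(i)) || IsMalicious(values.Get(i)))
            {
                return true;
            }
        }

        return false;
    }

    /// <summary>Tests every cookie name and value.</summary>
    private static bool AnyMaliciousCookie(HttpCookieCollection cookies)
    {
        if (cookies == null)
        {
            return false;
        }

        for (int i = 0; i < cookies.Count; i++)
        {
            HttpCookie cookie = cookies[i];
            if (IsMalicious(cookie.Name) || IsMalicious(cookie.Value))
            {
                return true;
            }
        }

        return false;
    }

    /// <summary>
    /// Writes the rejection notice and ends the request. The status is 403 rather than
    /// the original 200 so that blocks are distinguishable in access logs and monitoring.
    /// </summary>
    private static void Reject(HttpResponse response)
    {
        response.Clear();
        response.StatusCode = 403;
        // Without this IIS may replace the body with its own error page when custom errors are configured.
        response.TrySkipIisCustomErrors = true;
        response.Write(ErrMsg);
        response.End();
    }
}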
在Global.asax裏調用的代碼:
/// <summary>
/// Hands every incoming request to the Safe360 signature filter before any handler runs.
/// When a signature matches, Safe360.Procress() writes the rejection notice and ends the
/// response itself, so nothing after this call executes for that request.
/// </summary>
/// <param name="sender">The HttpApplication raising the event; not used.</param>
/// <param name="e">Event arguments; not used.</param>
private void Application_BeginRequest(object sender, EventArgs e) {
    Safe360.Procress();
}
最後更新:2017-04-03 12:56:12