Remove Script Block from Querystring Value

Lakhangarg
Posted by Lakhangarg under ASP.NET category on | Views : 2750
Code to Remove Script Value From the Query string data. if the data of query string is not in encrypted form then its is necessary for us to use this piece of code. other wise our user can write the script and get our trusted data like username, password etc. that we want to hide.

This Piece of code is also useful where we accepts the user's input and show that value as it is.

public static string RemoveScriptBlock(string strData)
{
Int32 intStartIndex = strData.ToLower().IndexOf("<script");
while (intStartIndex >= 0)
{
strData = strData.Remove(intStartIndex, 8);
intStartIndex = strData.ToLower().IndexOf("<script");
}
intStartIndex = strData.ToLower().IndexOf("</script>");
while (intStartIndex >= 0)
{
strData = strData.Remove(intStartIndex, 9);
intStartIndex = strData.ToLower().IndexOf("</script>");
}
return strData;
}

Comments or Responses

Login to post response