Reflected_XSS_All_Clients (C# sanitize issue)


I am using the tool Checkmarx to scan code for security vulnerabilities. One particular finding is "Reflected XSS All Clients". The general fix to sanitize this is to use HttpUtility.UrlEncode or HttpUtility.HtmlEncode. I have come across some code where either one of these functions breaks the code, since it strips out the tags, which in this case are needed for a redirect. This is not code I have written; I am scanning it for a client. Any ideas on another way to fix this vulnerability?

    using System.Text;
    using System.Web;

    public class SamlRedirector
    {
        // Builds an auto-submitting POST form. 'url' and 'response' are inserted
        // into attribute values without any encoding, and the finished document
        // is then UrlEncoded as a whole, which breaks the markup.
        private string GetRedirectForm(string url, string response)
        {
            StringBuilder sb = new StringBuilder();
            sb.Append("<html>");
            sb.AppendFormat("<body onload='document.forms[0].submit()'>");
            sb.AppendFormat("<form action='{0}' method='post'>", url);
            sb.AppendFormat("<input type='hidden' name='SAMLResponse' value='{0}'>", response);
            sb.Append("</form>");
            sb.Append("</body>");
            sb.Append("</html>");
            return HttpUtility.UrlEncode( sb.ToString());
        }
    }
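One way to clear the finding without breaking the redirect, as an added example (not the asker's code and not Checkmarx's guidance): encode each untrusted value for the attribute it lands in, keep the attributes double-quoted, and return the finished markup unencoded. The `SamlPostForm` class name and the sample URL are assumptions.

```csharp
using System;
using System.Text;
using System.Web;

public static class SamlPostForm
{
    public static string Build(string url, string response)
    {
        // Reject anything that is not an absolute http(s) URL before it becomes
        // the form action (e.g. "javascript:" or a relative path).
        if (!Uri.TryCreate(url, UriKind.Absolute, out Uri target) ||
            (target.Scheme != Uri.UriSchemeHttps && target.Scheme != Uri.UriSchemeHttp))
        {
            throw new ArgumentException("Form action must be an absolute http(s) URL", nameof(url));
        }

        // HtmlEncode escapes <, >, &, " and ' so neither value can close the
        // quoted attribute and inject markup or an event handler.
        string safeUrl = HttpUtility.HtmlEncode(target.AbsoluteUri);
        string safeResponse = HttpUtility.HtmlEncode(response);

        var sb = new StringBuilder();
        sb.Append("<html>");
        sb.Append("<body onload=\"document.forms[0].submit()\">");
        sb.Append("<form action=\"").Append(safeUrl).Append("\" method=\"post\">");
        sb.Append("<input type=\"hidden\" name=\"SAMLResponse\" value=\"")
          .Append(safeResponse).Append("\">");
        sb.Append("</form></body></html>");

        // Return the HTML as-is: the browser must parse these tags, so the
        // document itself is never UrlEncoded; only the inserted values were.
        return sb.ToString();
    }

    public static void Main()
    {
        // Constructed sample: a response value that tries to break out of the attribute.
        string html = Build("https://idp.example.test/sso", "abc\" onfocus=\"alert(1)");
        Console.WriteLine(html);
    }
}
```

In the sample run the quotes inside the response are emitted as `&quot;`, so the value stays inside the `value` attribute and the form still auto-submits to the validated URL.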

Kolzar:

I think you have two options:

  1. You can use the HtmlSanitizer NuGet package in ASP.NET Core.
  2. But you can encode the HTML before rendering it:
     @Html.Raw(Html.Encode(Model.Html))