Preventing Javascript Injections in Classic ASP

Does anyone have experience/examples of how to prevent JavaScript Injections in Classic ASP
rckollarAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

VenabiliCommented:
It really depends on what you are doing in that ASP :)
See a discussion on some types of preventions:
http://www.keyongtech.com/1167255-preventing-form-injection-on-classic
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Wayne BarronAuthor, Web DeveloperCommented:
can you provide an example of this javascript injection
I would like to test it against what protection that I have.
0
Wayne BarronAuthor, Web DeveloperCommented:
Check out this please, and see if this is what you are referring too.
http://www.experts-exchange.com/Q_24801116.html#a25540991

Has not been hijacked yet.

Good Luck
Carrzkiss
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Wayne BarronAuthor, Web DeveloperCommented:
Needs to be a split their Angel.
Answer = (http:#31135224)
Assisted = (http:#31163665)

Carrzkiss
0
Wayne BarronAuthor, Web DeveloperCommented:
Hello Modus - Needs to be a split.
Answer = (http:#31135224)
Assisted = (http:#31163665)

Carzkiss
0
Wayne BarronAuthor, Web DeveloperCommented:
To ModernMatt

The link that I provided has 2 links
This is an example Tutorial that I just wrote especially for this Thread.
http://ee.cffcs.com/Q_24801116/Q_24801116.asp
code
http://ee.cffcs.com/Q_24801116/Q_24801116.zip

The files show how to prevent SQL and XSS Injection.
I always present the link to the actual EE page so that people can view the information that is listed on the page.

I wrote this script, it is a SQL & XSS Injection prevention script.
I have been recommended on this script for several EE's and other from outside sources.

No offence ModernMatt,
If you would have clicked on the link that is on the EE page, you would see the following:
http://ee.cffcs.com/Q_24801116/Q_24801116.asp
SELECT, INSERT, UPDATE, DELETE Statements in ASP using Parameter's, in the combat against SQL & XSS INJECTION

So, once again, I will over to Object to this again.

Carrzkiss
0
VenabiliCommented:
I thought it was not needed to post but I agree with carrzkiss here. Even if technically the user was asking for Javascript injections, the question is about SQL and XSS ones - they go together. So I would split.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP

From novice to tech pro — start learning today.