safe_360.cs
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;
using System.Web;
/// <summary>
/// safe_360 的摘要说明
/// </summary>
public class safe_360
{
private const string StrRegex = @"<[^>]+?style=[\w]+?:expression\(|\b(alert|confirm|prompt)\b|^\+/v(8|9)|<[^>]*?=[^>]*?&#[^>]*?>|\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|<\s*img\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";
public static bool PostData()
{
bool result = false;
for (int i = 0; i < HttpContext.Current.Request.Form.Count; i++)
{
result = CheckData(HttpContext.Current.Request.Form[i].ToString());
if (result)
{
break;
}
}
return result;
}
public static bool GetData()
{
bool result = false;
try
{
for (int i = 0; i < HttpContext.Current.Request.QueryString.Count; i++)
{
string curQ = HttpContext.Current.Request.QueryString[i].ToString();
result = CheckData(curQ);
if (result) break;
}
}
catch (HttpRequestValidationException hrve)
{
result = true;
}
return result;
}
public static bool CookieData()
{
bool result = false;
for (int i = 0; i < HttpContext.Current.Request.Cookies.Count; i++)
{
result = CheckData(HttpContext.Current.Request.Cookies[i].Value.ToLower());
if (result)
{
break;
}
}
return result;
}
public static bool referer()
{
bool result = false;
return result = CheckData(HttpContext.Current.Request.UrlReferrer.ToString());
}
public static bool CheckData(string inputData)
{
bool result = false;
//为true 表示有恶意代码
if (Regex.IsMatch(inputData, StrRegex))
{
result= true;
}
else
{
if (inputData.IndexOf("'==") > -1)
{
result = true;
}
else
{
result = (inputData.Contains("|") || inputData.Contains("&") || inputData.Contains(";")
|| inputData.Contains("$") || inputData.Contains("$") || inputData.Contains("'")
|| inputData.Contains("\"") || inputData.Contains("\\'") || inputData.Contains("\\\"")
|| inputData.Contains("<") || inputData.Contains(">") || inputData.Contains("(")
|| inputData.Contains(")") || inputData.Contains("+") || inputData.Contains("\r")
|| inputData.Contains("\n") || inputData.Contains(",") || inputData.Contains("\\"));
}
}
return result;
}
}
Global.asax
protected void Application_BeginRequest(object sender, EventArgs e)
{
if (Request.Cookies != null)
{
if (safe_360.CookieData())
{
Response.ContentType = "text/ plain;charset=utf-8";
Response.Write("您提交的Cookie数据有恶意字符!");
Response.End();
}
}
if (Request.UrlReferrer != null)
{
if (safe_360.referer())
{
Response.ContentType = "text/ plain;charset=utf-8";
Response.Write("您提交的Referrer数据有恶意字符!");
Response.End();
}
}
if (Request.RequestType.ToUpper() == "POST")
{
if (safe_360.PostData())
{
Response.ContentType = "text/ plain;charset=utf-8";
Response.Write("您提交的Post数据有恶意字符!");
Response.End();
}
}
if (Request.RequestType.ToUpper() == "GET")
{
if (safe_360.GetData())
{
Response.ContentType= "text/ plain;charset=utf-8";
Response.Write("您提交的Get数据有恶意字符!");
Response.End();
}
}
}