asp.net Request.querystring集合过滤防止注入
2018-3-27 0:00:00
using System.Collections.Generic;
IDictionary<string, string> Dict_query = new Dictionary<string, string>();
foreach (string key in Request.QueryString.Keys)
{
Dict_query[key] =Text.killURLattack(Request.QueryString[key]);
}
RQ_ID1 = Dict_query["ID1"];
RQ_linkMdb = Dict_query["linkMdb"];
判断:
if (Dict_query.ContainsKey("ID2")) //判断是否有ID2的参数提交上来
{
RQ_ID2 = Dict_query["ID2"];
}