/// <summary>
/// Persists <paramref name="text"/> as a new <c>InjectionSampleItem</c> and then
/// redirects back to the <c>SQLInjection</c> action.
/// </summary>
/// <param name="text">Raw request text; stored exactly as received (no trimming, length or null check).</param>
/// <returns>A redirect to the <c>SQLInjection</c> action.</returns>
/// <remarks>
/// NOTE(review): <c>InjectionSampleItems</c> looks like an Entity Framework DbSet, in which case
/// the value travels as a query parameter rather than being concatenated into SQL — verify against
/// <c>SampleModel</c>. Action-verb and anti-forgery attributes are not visible in this listing; confirm
/// the action is restricted to POST and carries an anti-forgery token.
/// </remarks>
public ActionResult SQLInjection(string text)
{
    using (var db = new SampleModel())
    {
        var entity = new InjectionSampleItem
        {
            Id = Guid.NewGuid(),
            Text = text,
        };
        db.InjectionSampleItems.Add(entity);
        db.SaveChanges();
    }

    // Context is disposed before the redirect is built, matching the original ordering.
    return RedirectToAction(nameof(SQLInjection));
}
/// <summary>
/// Stores <paramref name="text"/> as a new <c>XSSSampleItem</c> and redirects to the <c>XSS</c> action.
/// </summary>
/// <param name="text">Raw request text; written to the store unchanged.</param>
/// <returns>A redirect to the <c>XSS</c> action.</returns>
/// <remarks>
/// NOTE(review): despite its name, this method performs no validation, sanitization or encoding of
/// its own — presumably it relies on ASP.NET request validation running before the action; confirm.
/// Contrast <c>XSSSanitize</c>, which passes the input through <c>HtmlSanitizer</c> first. Whatever is
/// stored here must still be output-encoded wherever it is rendered.
/// </remarks>
public ActionResult XSSValidate(string text)
{
    using (var db = new SampleModel())
    {
        var entity = new XSSSampleItem
        {
            Id = Guid.NewGuid(),
            Text = text,
        };
        db.XSSSampleItems.Add(entity);
        db.SaveChanges();

        // Redirect is produced while the context is still open, as in the original.
        return RedirectToAction(nameof(XSS));
    }
}
/// <summary>
/// Sanitizes <paramref name="text"/> with <c>HtmlSanitizer</c>, stores the result as a new
/// <c>XSSSampleItem</c>, and redirects to the <c>XSS</c> action.
/// </summary>
/// <param name="text">Raw request text; only the sanitized form is persisted.</param>
/// <returns>A redirect to the <c>XSS</c> action.</returns>
/// <remarks>
/// NOTE(review): <c>HtmlSanitizer</c> is constructed with defaults here, so the allowed tag/attribute
/// set is whatever the library ships — confirm that matches what the view is expected to render.
/// Sanitizing on input does not replace output encoding at render time.
/// </remarks>
public ActionResult XSSSanitize(string text)
{
    using (var db = new SampleModel())
    {
        // Strip disallowed markup before the value ever reaches the store.
        var cleaner = new HtmlSanitizer();
        var cleaned = cleaner.Sanitize(text);

        var entity = new XSSSampleItem
        {
            Id = Guid.NewGuid(),
            Text = cleaned,
        };
        db.XSSSampleItems.Add(entity);
        db.SaveChanges();

        return RedirectToAction(nameof(XSS));
    }
}