示例#1
        /// <summary>
        /// Persists the submitted text as a new <c>InjectionSampleItem</c> and then
        /// redirects back to the <c>SQLInjection</c> action.
        /// </summary>
        /// <param name="text">Request-supplied text; stored exactly as received.</param>
        /// <returns>A redirect to the <c>SQLInjection</c> action.</returns>
        // NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible in
        // this excerpt; a state-changing action normally carries both. Confirm against the
        // full controller.
        public ActionResult SQLInjection(string text)
        {
            using (SampleModel db = new SampleModel())
            {
                // The value reaches storage through the context's Add/SaveChanges, not through
                // SQL text assembled in this method.
                // NOTE(review): presumably SampleModel is an Entity Framework context, in which
                // case the value is bound as a parameter. Confirm.
                db.InjectionSampleItems.Add(new InjectionSampleItem
                {
                    Id   = Guid.NewGuid(),
                    Text = text
                });
                db.SaveChanges();
            }

            // The context is disposed before the redirect result is built.
            return RedirectToAction(nameof(SQLInjection));
        }
示例#2
        /// <summary>
        /// Persists the submitted text as a new <c>XSSSampleItem</c> without modifying it
        /// and redirects to the <c>XSS</c> action.
        /// </summary>
        /// <param name="text">Request-supplied text; stored exactly as received.</param>
        /// <returns>A redirect to the <c>XSS</c> action.</returns>
        // NOTE(review): this body performs no validation, sanitisation or encoding of text.
        // The name suggests the sample relies on framework request validation rejecting markup
        // before the action runs. Confirm. Whatever renders XSSSampleItem.Text must still
        // HTML-encode it, because stored values can also arrive by paths that skip that check.
        public ActionResult XSSValidate(string text)
        {
            using (SampleModel db = new SampleModel())
            {
                var entry = new XSSSampleItem
                {
                    Id   = Guid.NewGuid(),
                    Text = text // raw request value
                };

                db.XSSSampleItems.Add(entry);
                db.SaveChanges();

                return RedirectToAction(nameof(XSS));
            }
        }
示例#3
        /// <summary>
        /// Runs the submitted text through <c>HtmlSanitizer.Sanitize</c>, persists the result
        /// as a new <c>XSSSampleItem</c>, and redirects to the <c>XSS</c> action.
        /// </summary>
        /// <param name="text">Request-supplied text; only its sanitised form is stored.</param>
        /// <returns>A redirect to the <c>XSS</c> action.</returns>
        // NOTE(review): the sanitiser is used as constructed; no allow-list configuration is
        // visible here. Sanitised markup is meant to be rendered as HTML content. If the view
        // places Text in an attribute or script context, it still needs encoding for that
        // context. Confirm how the XSS view outputs the value.
        public ActionResult XSSSanitize(string text)
        {
            using (SampleModel db = new SampleModel())
            {
                // Clean at write time so the stored value is already the sanitised form.
                var cleaned = new HtmlSanitizer().Sanitize(text);

                var entry = new XSSSampleItem
                {
                    Id   = Guid.NewGuid(),
                    Text = cleaned
                };

                db.XSSSampleItems.Add(entry);
                db.SaveChanges();

                return RedirectToAction(nameof(XSS));
            }
        }