Give the ASP program a little more security

Security | procedures

# using on Error Resume Next This line of statements is equal to telling the server handler: "If I make a mistake, hehe, don't care about me, go on ...". Doing so allows you to capture many of the errors that can be captured and handled, better than the code that gives the family a look at the error. When debugging, it is best not to open, one side can not find what went wrong. # Server IIS is set to an error and the server has an error while processing the URL. Please contact your system administrator. "(Set in application configuration) You can avoid revealing details to your visitors after an error, and your secret will not have to worry about revealing the error message. # Check the validity of the parameters passed This is very important, according to my test, many of the domestic site of the ASP program if it changed the value of its parameters, generally will be wrong. Checking the legality can obviously reduce the error probability. The concrete method is no longer described here. # as little as possible to pass parameters in get way At the most basic point, this way is more than the POST way to transmit some bytes of the URL to the server, the utilization of the system resources will increase accordingly. It's also good from a security standpoint to reduce command line attacks. # Use fewer Chinese filenames Perhaps you think the Chinese file name is more cool, but from a professional point of view, there are many drawbacks. It becomes cumbersome to hit the address manually; the place where you need to enter the filename in the debugging also has to open the input method or copy and paste the filename; it's not professional enough.