Asp. NET Notes session, HTTP, Web development principles, XSS vulnerabilities Detailed introduction _ Practical skills

1, session

2. Verification Code

Yzm.ashx

Copy Code code as follows:

<%@ WebHandler language= "C #" class= "Yzm"%>

Using System;
Using System.Web;

public class Yzm:ihttphandler, System.Web.SessionState.IRequiresSessionState
{

public void ProcessRequest (HttpContext context) {
Context. Response.ContentType = "Image/jpeg";
using (System.Drawing.Bitmap bitimage = new System.Drawing.Bitmap (130, 100))
{
Set Canvas
using (System.Drawing.Graphics g = System.Drawing.Graphics.FromImage (Bitimage))
{

Random numbers
Random my_random = new Random ();
int num_01 = My_random. Next (100);
int num_02 = My_random. Next (100);

int result = num_01 + num_02;
String num_string01 = Num_01.tostring ();
String num_string02 = Num_02.tostring ();
string result_string = result. ToString ();
Save to SessionID in the server
httpcontext.current.session["Yzm"] = result_string;
Set text
g.DrawString (num_string01 + "+" + num_string02+ "?", New System.Drawing.Font ("XXFarEastFont-Arial"), System.Drawing.Brushes.Red, new System.Drawing.PointF (0, 0));
Save to the output stream
Bitimage.save (context. Response.outputstream, System.Drawing.Imaging.ImageFormat.Jpeg);
}
}
}

public bool IsReusable {
get {
return false;
}
}

}

yzm.aspx

Copy Code code as follows:

<form id= "Form1" runat= "Server" >
<div>
<%--Click Refresh Verification Code--%>

</div>
<asp:textbox id= "TextBox1" runat= "Server" text= "" ></asp:TextBox>
<asp:button id= "Button1" runat= "Server" onclick= "Button1_Click" text= "button"/>
</form>

3, HTTP protocol

4, button to achieve the standard brother row Delete effects   Hyperlinks submit a form

5, Web development principles

6, XSS vulnerability  

  label similar controls: Literal controls, if the value of text in a property is <a href=" Www.baidu.com >hah</a> can be embedded links,

  can set the Mode property to encode

 7, virtual directory ~  :asp.net, always start under the application root