Using the HttpApplication request pipeline to prevent SQL injection

Source: Internet
Uploaded by: User


HttpApplication processes each request through a pipeline of events. Two stages matter here: the filtering of the request data, and the dispatch of the request, according to its type, to the matching handler (Handler).
There are two ways to plug into the pipeline: implement the IHttpModule interface, or add the event methods directly to the Global class (Global.asax).
SQL injection is a threat to website security. There are two ways to guard against it: refuse requests that carry sensitive data, or filter the sensitive data out of the request strings. Because the check must apply to every user request, it is done in the BeginRequest event (which can also be seen as a form of AOP programming).
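The article only shows the Global.asax route; the following is an added example (not the article's code) of the other route it names, an IHttpModule that subscribes to BeginRequest. It keeps the article's idea of scanning the query string and form body for a list of terms, but the term list, the class and module names, and the use of Regex.Escape, word boundaries and RegexOptions.IgnoreCase are my assumptions; they avoid the false positives that bare "and" or "or" would cause on words such as "android". It assumes ASP.NET 4.5 or later (for Request.Unvalidated) and IIS integrated mode for the web.config registration shown in the comment.

```csharp
using System;
using System.Collections.Specialized;
using System.Text.RegularExpressions;
using System.Web;

// Added example: the IHttpModule route into the pipeline, hooking BeginRequest
// just as the Global.asax version does.
// Register in web.config (IIS integrated mode):
//   <system.webServer><modules>
//     <add name="SqlInjectionModule" type="SqlInjectionModule" />
//   </modules></system.webServer>
public class SqlInjectionModule : IHttpModule
{
    // Hypothetical term list (assumed, drawn from the article's own list). Each term is
    // escaped and matched as a whole word, so "android" or "order" are not flagged.
    private static readonly string[] BadTerms =
    {
        "select", "insert", "update", "delete", "drop", "truncate",
        "exec", "declare", "xp_cmdshell"
    };

    private static readonly Regex Pattern = BuildPattern();

    private static Regex BuildPattern()
    {
        string[] escaped = Array.ConvertAll(BadTerms, Regex.Escape);
        // \b...\b: whole-word match; IgnoreCase: mixed-case spellings are still caught.
        return new Regex(@"\b(" + string.Join("|", escaped) + @")\b",
                         RegexOptions.IgnoreCase | RegexOptions.Compiled);
    }

    public void Init(HttpApplication app)
    {
        app.BeginRequest += OnBeginRequest;
    }

    public void Dispose() { }

    private static void OnBeginRequest(object sender, EventArgs e)
    {
        HttpApplication app = (HttpApplication)sender;
        HttpRequest request = app.Context.Request;

        // Check both sources regardless of verb: a POST can also carry a query string.
        // Unvalidated avoids triggering ASP.NET request validation this early.
        if (ContainsBadTerm(request.Unvalidated.QueryString) ||
            ContainsBadTerm(request.Unvalidated.Form))
        {
            app.Context.Response.StatusCode = 400;
            app.Context.Response.Write("Request rejected.");
            // CompleteRequest ends the pipeline without the ThreadAbortException
            // that Response.End() raises.
            app.CompleteRequest();
        }
    }

    // Public so it can be unit-tested with a hand-built NameValueCollection.
    public static bool ContainsBadTerm(NameValueCollection values)
    {
        if (values == null) return false;
        foreach (string key in values.AllKeys)
        {
            string value = values[key];
            if (value != null && Pattern.IsMatch(value)) return true;
        }
        return false;
    }
}
```

Returning a 400 with a short message, rather than echoing the submitted data, keeps the response from revealing what the filter looks for; the module can be exercised in a test by passing a constructed NameValueCollection to ContainsBadTerm.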

CODE

SQL injection checking class

    using System.Web;
    using System.Text.RegularExpressions;

    public class SQLInjectionHelper
    {
        public static bool ValidUrlData(string request)
        {
            bool result = false;
            // Check the POST data (the form body)
            if (request == "POST")
            {
                for (int i = 0; i < HttpContext.Current.Request.Form.Count; i++)
                {
                    result = ValidData(HttpContext.Current.Request.Form[i].ToString());
                    if (result)
                    {
                        break;
                    }
                }
            }
            // Otherwise check the data in the QueryString
            else
            {
                for (int i = 0; i < HttpContext.Current.Request.QueryString.Count; i++)
                {
                    result = ValidData(HttpContext.Current.Request.QueryString[i].ToString());
                    if (result)
                    {
                        break;
                    }
                }
            }
            return result;
        }

        /// <summary>
        /// Determines whether injection code is present
        /// </summary>
        /// <param name="inputData"></param>
        /// <returns></returns>
        private static bool ValidData(string inputData)
        {
            if (Regex.IsMatch(inputData, GetRegexString()))
            {
                return true;
            }
            else
            {
                return false;
            }
        }

        /// <summary>
        /// Builds the regular expression (a plain alternation of the listed terms;
        /// it is case-sensitive and the terms are not regex-escaped)
        /// </summary>
        /// <returns></returns>
        private static string GetRegexString()
        {
            string[] strBadChar = { "and", "exec", "insert", "select", "delete", "update", "count",
                "from", " drop", "asc", " char", "or", "%", ";", ":", "'", "\"", "-", " chr", "mid", "master", "truncate",
                "char", "declare", "SiteName", "net user", "xp_ cmdshell", "/add", "exec master. dbo. xp_ cmdshell",
                "net localgroup administrators" };
            string str_Regex = ".*(";
            for (int i = 0; i < strBadChar.Length - 1; i++)
            {
                str_Regex += strBadChar[i] + "|";
            }
            str_Regex += strBadChar[strBadChar.Length - 1] + ").*";
            return str_Regex;
        }
    }

Added to Global.asax

    void Application_BeginRequest(object sender, EventArgs e)
    {
        bool result = false;
        // RequestType is "GET" or "POST"; the helper picks the data source from it
        result = SQLInjectionHelper.ValidUrlData(Request.RequestType.ToUpper());
        if (result)
        {
            Response.Write("您提交的資料有惡意字元");
            Response.End();
        }
    }
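A pipeline filter of this kind is a defence-in-depth layer: a term list can be evaded and also rejects legitimate input that happens to contain a listed word. The control that actually stops SQL injection is keeping user input out of the SQL text. The following is an added example (not from the article) showing the string-concatenated query next to its parameterized form with System.Data.SqlClient; the table, column names and parameter size are assumed for illustration.

```csharp
using System.Data;
using System.Data.SqlClient;

// Added example: why the pipeline filter should not be the only control.
// Table "Users" and its columns are hypothetical.
public static class UserLookup
{
    // Unsafe: the user-supplied value becomes part of the SQL text, so any quote
    // or keyword the request filter did not catch is parsed by the database.
    public static SqlCommand BuildUnsafe(SqlConnection conn, string userName)
    {
        return new SqlCommand(
            "SELECT Id, Email FROM Users WHERE UserName = '" + userName + "'", conn);
    }

    // Safe: the value travels as a typed parameter and is never parsed as SQL,
    // so a name such as O'Brien is simply compared against the column.
    public static SqlCommand BuildSafe(SqlConnection conn, string userName)
    {
        var cmd = new SqlCommand(
            "SELECT Id, Email FROM Users WHERE UserName = @userName", conn);
        cmd.Parameters.Add("@userName", SqlDbType.NVarChar, 64).Value = userName;
        return cmd;
    }

    // Typical use: open the connection, build the safe command, read the rows.
    public static int CountMatches(SqlConnection conn, string userName)
    {
        using (SqlCommand cmd = BuildSafe(conn, userName))
        using (SqlDataReader reader = cmd.ExecuteReader())
        {
            int rows = 0;
            while (reader.Read()) rows++;
            return rows;
        }
    }
}
```

With the parameterized form, the BeginRequest filter can be tuned for low false positives (or kept purely as a detection signal written to the logs) without weakening the application's actual protection.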
