I have no knowledge in Classic ASP, and I'm tasked to solve XSS and XSRF vulnerabilities of the Classic ASP web application. I need to know t开发者_如何学Pythonhe following:
- How do I submit a request value to the next page, if I'm using a Response.Redirect("someurl")? I'm not allowed to use GET, only POST.
- Does Response Redirect behave like RequestDispatcher sendRedirect?
- How do I do a forward instead of redirect in classic ASP?
- How do I set a request attribute in classic ASP without using a form?
Response.Redirect in classic asp sends a HTTP 302 Object Moved status code to the client. furthermore it sends the "new" location. so the client will send a new request to the "new" location.
you could use server xmlhttp to do a post request on the server side..
Response.Redirect Method
How To Submit Form Data by Using XMLHTTP or ServerXMLHTTP Object
How do I do a forward instead of redirect in classic ASP?
I guess you mean pass the existing form data to different page? For this use Server.Transfer method.
How do I set a request attribute in classic ASP without using a form?
You can't it's Read Only. If you mean how it's possible to imitate Posting form data without actual form, it's possible using basic AJAX and you must assume every visitor can do it, meaning you can't trust Request.Form values. They can easily be spoofed.
In answer to part 1, 4
To send a value without using a form use
response.redirect("target_page.asp?MyParam=Something")
to retrieve a value in the target_page from a named parameter sent by the GET method, use
MyVariable = Request.QueryString("MyParam")
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论