This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Searching for Code in Classic ASP"
(→Database) |
|||
| Line 1: | Line 1: | ||
| + | [[OWASP Code Review Guide Table of Contents]]__TOC__ | ||
| + | |||
==Inputs== | ==Inputs== | ||
Request <br> | Request <br> | ||
| Line 63: | Line 65: | ||
Server.Transfer <br> | Server.Transfer <br> | ||
Server.Execute <br> | Server.Execute <br> | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | [[Category:OWASP Code Review Project]] | ||
Revision as of 13:16, 11 January 2009
OWASP Code Review Guide Table of ContentsInputs
Request
Request.QueryString
Request.Form
Request.ServerVariables
Query_String
hidden
include
.inc
Output
Response.Write
Response.BinaryWrite
<%=
Cookies
.cookies
Error Handling
err.
Server.GetLastError
On Error Resume Next
On Error GoTo 0
Information in URL
location.href
location.replace
method="GET"
Database
commandText
select from
update
insert into
delete from where
exec
execute
.execute
.open
ADODB.
commandtype
ICommand
IRowSet
Session
session.timeout
session.abandon
session.removeall
DOS Prevention
server.ScriptTimeout
IsClientConnected
Logging
WriteEntry
Redirection
Response.AddHeader
Response.AppendHeader
Response.Redirect
Response.Status
Response.StatusCode
Server.Transfer
Server.Execute
