Using URLScan from microsoft, do you know of any way to scan the form data for malicious input? The equivalent of validateRequest (from asp.net) but for classical asp? I want to block all data received from the browser that has potentially malicious input, for example, input that contains < script > elements or other forms of xss
Any clues?
There's nothing built in. Here's some suggestions:
http://aspalliance.com/1703_SQL_Injection_in_Classic_ASP_and_Possible_Solutions.all