My sample MVC .Net code as below . which is identified XSS possible by Fortify tool.
string path = "~/sample/index";
if(Url.IsLocalUrl(path)){
Response.Redirect(path , false);
}
Pls advise on an alternative method.
CodePudding user response:
We can use Server.Transfer(ppath); in place to get it through.