????XSS ???(Cross Site Scripting) ???????????? ??Web?????г?????????????????????????????????(????JavaScript)?? ?????????????????????????????????????У????????????????.  ???????????Cookie?????????????????Я???????
??????????????????????XSS???????????????????????? ??????Ч????XSS???????
????XSS ????η???????
For example, a page contains the following textbox:
<input type="text" name="address1" value="value1from">
Here value1from is the input that comes from the user. If, instead of value1from, the user enters "/><script>alert(document.cookie)</script><!- then the tag becomes:
<input type="text" name="address1" value=""/><script>alert(document.cookie)</script><!- ">
The injected JavaScript code is then executed.
Or the user enters "onfocus="alert(document.cookie) and the tag becomes:
<input type="text" name="address1" value="" onfocus="alert(document.cookie)">
When the event fires, the injected JavaScript code is executed.
??????????????????????????????????????
??????????????????????????QueryString(????URL??)??Cookie???????????. ???????

HTML Encode
????XSS?????????? ???????????????????????? ????????????????????????????HTML Encode????? ?????е?"??????"?? “??????”??“????” ??????????????б???

In C#, a string can be HTML-encoded with HttpUtility.HtmlEncode("string <scritp>"), which is in the System.Web namespace.
Fiddler offers the same conversion through the "TextWizard" button on its Toolbar.
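Added example (not from the original page): the address1 textbox above rendered with and without HttpUtility.HtmlEncode, using the two inputs shown earlier. The class and method names are assumptions made for this illustration.

```csharp
using System;
using System.Linq;
using System.Web; // HttpUtility.HtmlEncode, the call named on this page

static class XssEncodeDemo // hypothetical name, for illustration only
{
    // Builds the page's textbox. 'encode' switches between the vulnerable
    // rendering and the HTML-encoded rendering of the user-supplied value.
    static string RenderTextbox(string userValue, bool encode)
    {
        string v = encode ? HttpUtility.HtmlEncode(userValue) : userValue;
        return "<input type=\"text\" name=\"address1\" value=\"" + v + "\">";
    }

    // The template has three quoted attributes, so exactly six double quotes.
    // Any other count means the value closed its own attribute early.
    static bool ValueBrokeOutOfAttribute(string html)
    {
        return html.Count(c => c == '"') != 6;
    }

    static void Main()
    {
        string[] inputs =
        {
            "value1from",                                      // benign value from the page
            "\"/><script>alert(document.cookie)</script><!-",  // first input shown on the page
            "\"onfocus=\"alert(document.cookie)"               // second input shown on the page
        };

        foreach (string input in inputs)
        {
            foreach (bool encode in new[] { false, true })
            {
                string html = RenderTextbox(input, encode);
                Console.WriteLine((encode ? "encoded: " : "raw:     ") + html);
                Console.WriteLine("  value broke out of attribute: "
                                  + ValueBrokeOutOfAttribute(html));
            }
        }
    }
}
```

With encoding on, the quote and angle-bracket characters in both inputs are emitted as entities, so the browser treats them as text inside the value attribute and not as markup.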